diff --git a/po/bg.po b/po/bg.po index 6258aa252c3..ae331a30437 100644 --- a/po/bg.po +++ b/po/bg.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:44-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Bulgarian (http://www.transifex.com/projects/p/sssd/language/" @@ -497,12 +497,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "Интерфейсът, чийто IP да се ползва за динамични DNS обновявания" @@ -546,1114 +546,1128 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +#, fuzzy +msgid "Whether to automatically create private groups for users" +msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "IPA домейн" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "Адрес на IPA сървър" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "Име на хост на IPA клиент" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "LDAP филтър за определяне права на достъп" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Адрес на Kerberos сървър" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Kerberos област" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "Директория за съхранение на кеша за данни за удостоверяване" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Местоположение на кеша за данни за удостоверяване на потребители" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Местоположение на keytab за валидиране на данните за удостоверяване" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Разреши проверката на данните за удостоверяване" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "Записва паролата ако е офлайн за по-късно удостоверяване" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "Сървърът, на който работи услугата за смяна на парола ако не е на KDC" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, URI на LDAP сървъра" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "Базовият DN по подразбиране" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Използваният тип схема на LDAP сървъра, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "Подразбиращият се bind DN" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Продължителност на опитите за свързване" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Продължителност на опитите за синхронни LDAP операции" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "Продължителност на времето между опитите за връзка докато е офлайн" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "Файл, съдържащ CA сертификати" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Път до директорията на CA сертификат" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Изисква TLS проверка на сертификат" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Задава за използване механизма sasl" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Задаване на sasl authorization id за употреба" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "keytab на Kerberos услуга" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Ползвай Kerberos auth за LDAP връзка" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "Следвай LDAP референциите" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "Продължителност на живот на TGT за LDAP връзка" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Продължителност на време за изчакване на заявка за търсене" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Продължителност на време между актуализации на изброяване" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "Изисква TLS за ИД справките" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "атрибут Потребителско име" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "атрибут UID" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "атрибут Първичен GID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "атрибут GECOS" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "атрибут Домашна директория" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "атрибут Команден интерпретатор" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "атрибут User principal (за Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Пълно име" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "атрибут членНа" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "атрибут Момент на промяна" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Политика за определяне срок на валидност на парола" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Списък разрешени потребители, разделени със запетая" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Списък забранени потребители, разделени със запетая" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Подразбиращ се команден интерпретатор, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Място за домашните директории" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Продължава като демон (по подразбиране)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Интерактивна работа (а не като демон)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Задаване на друг (не подразбиращия се) конфиг файл" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Ниво на debug" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "SSSD не е стартиран като root." -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "Възникнала е грешка, но не може да се намери описание." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "Неочаквана грешка при търсене на описание на грешка" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Съобщение от сървъра:" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Паролите не съвпадат" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "Промяна на паролата от root не се поддържа." -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "Удостоверен с кеширани идентификационни данни" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", кешираната парола ще изтече на: " -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "Удостоверяването е забранено до: " -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "Системата е офлайн, промяна на паролата не е възможна" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Промяната на паролата не успя." -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Нова парола:" -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Отново новата парола:" -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Парола:" -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Текуща парола:" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Текуща парола:" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "Паролата Ви е остаряла. Сменете я сега." @@ -2288,38 +2302,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2357,7 +2371,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/ca.po b/po/ca.po index fd20c44beac..d19bf0a2d2c 100644 --- a/po/ca.po +++ b/po/ca.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2017-10-15 03:02-0400\n" "Last-Translator: Robert Antoni Buj Gelonch \n" "Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/" @@ -552,12 +552,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "Si s'actualitza automàticament l'entrada DNS del client" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "El TTL per aplicar a l'entrada DNS del client després d'actualitzar-ho" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "La interfície amb la IP que s'hauria d'utilitzar per a les actualitzacions " @@ -605,37 +605,42 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +#, fuzzy +msgid "Whether to automatically create private groups for users" +msgstr "Si s'actualitza automàticament l'entrada DNS del client" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "Domini IPA" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "Adreça del servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "Adreça del servidor IPA de reserva " -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "Nom d'amfitrió del client IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "Si s'actualitza automàticament l'entrada DNS del client a FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "Base de cerca per als objectes relacionats amb HBAC" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" "Quantitat de temps entre recerques de les regles HBAC contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" @@ -643,70 +648,70 @@ msgstr "" "Quantitat de temps en segons entre recerques de les assignacions SELinux " "contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Si s'estableix a fals, s'ignorarà l'argument de l'amfitrió proporcionat amb " "PAM" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" "La ubicació de l'eina de muntatge automàtic que aquest client IPA està " "utilitzant" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" "Base de cerca per a l'objecte que conté la informació sobre el domini de " "l'IPA" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" "Base de cerca per als objectes que contenen informació sobre els intervals " "d'id." -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" "Habilita els llocs DNS - el descobriment del servei es basa en la ubicació" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "Base de cerca per als contenidors de la vista" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "Objectclass per als contenidors de la vista" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "L'atribut amb el nom de la vista" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "Objectclass per substituir els objectes" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "L'atribut amb la referència a l'objecte original" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "Objectclass per als objectes de substitució d'usuari" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "Objectclass per als objectes de substitució de grup" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 #, fuzzy msgid "Search base for Desktop Profile related objects" msgstr "Base de cerca per als objectes relacionats amb HBAC" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 #, fuzzy msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " @@ -715,7 +720,7 @@ msgstr "" "Quantitat de temps en segons entre recerques de les assignacions SELinux " "contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 #, fuzzy msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " @@ -723,40 +728,40 @@ msgid "" msgstr "" "Quantitat de temps entre recerques de les regles HBAC contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "Domini Active Directory" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "Adreça del servidor de l'Active Directory" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "Adreça del servidor de l'Active Directory de reserva" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "Nom d'amfitrió del client d'Active Directory" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "Filtre LDAP per determinar els privilegis d'accés" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "Si s'utilitza el catàleg global per a les recerques" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "Mode d'operació per al control d'accés basat en GPO" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" @@ -764,7 +769,7 @@ msgstr "" "Quantitat de temps entre recerques de fitxers de polítiques GPO contra el " "servidor d'AD" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" @@ -772,7 +777,7 @@ msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)InteractiveLogonRight del GPO" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" @@ -780,266 +785,267 @@ msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)RemoteInteractiveLogonRight del GPO" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)NetworkLogonRight del GPO" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)BatchLogonRight del GPO" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)ServiceLogonRight del GPO" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" "Noms dels serveis del PAM als quals sempre se'ls garanteix l'accés basat en " "GPO" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" "Noms dels serveis del PAM als quals sempre se'ls denega l'accés basat en GPO" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" "Dret (permet o denega) predeterminat de l'inici de sessió a utilitzar per " "als noms dels serveis del PAM sense assignar" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "un lloc determinat per utilitzar amb el client" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Adreça del servidor Kerberos" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "Adreça del servidor Kerberos de reserva" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Reialme Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Temps d'expiració de l'autenticació" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "Si es creen els fitxers kdcinfo" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "Si es rebutgen les parts de la configuració del krb5" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "Directori per emmagatzemar la memòria cau de les credencials" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Ubicació de la memòria cau de les credencials de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Ubicació de la clau per validar les credencials" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Habilita la validació de credencials" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" "Emmagatzema la contrasenya si s'està desconnectat per a l'autenticació " "posterior amb connexió" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "Temps de vida renovable del TGT" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "Temps de vida del TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "Temps entre les dues comprovacions per a la renovació" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "Habilita FAST" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "Selecciona el principal per utilitzar amb FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "Habilita la canonització del principal" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "Habilita els principals empresarials" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +#, fuzzy +msgid "A mapping from user names to Kerberos principal names" msgstr "" "Una assignació des dels noms dels usuaris als noms del principal de kerberos" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Servidor on es troba el servei de canvi de contrasenya si no està al KDC" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, L'URI del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, L'URI del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "El DN base per defecte" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "El tipus d'esquema en ús al servidor LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "El DN de creació del vincle per defecte" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" "El tipus del testimoni d'autenticació del DN de creació del vincle per " "defecte" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "El testimoni d'autenticació del DN de creació del vincle per defecte" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Període de temps per intentar una connexió" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Període de temps per intentar operacions LDAP asíncrones" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Període de temps entre els intents per tornar a connectar mentre s'està " "desconnectat" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "Utilitza només majúscules pels noms de reialme" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "Fitxer que conté els certificats de l'AC" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Camí al directori del certificat de l'AC" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "Fitxer que conté el certificat de client" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "Fitxer que conté la clau de client" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "Llista de paquets de xifrat possibles" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Requereix verificació de certificat TLS" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Especifica el mecanisme SASL a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Especifica l'id. d'autorització SASL a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "Especifica el reialme d'autorització SASL a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Especifica el SSF mínim per a l'autorització SASL de LDAP" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Taula de claus del servei del Kerberos" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Utilitza l'autenticació Kerberos per a la connexió LDAP" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "Segueix les referències LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "Temps de vida del TGT per la connexió LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "Com desreferenciar els àlies" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "Nom del servei per a la recerca del servei del DNS" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "El nombre de registres a recuperar en una sola consulta LDAP" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "El nombre de membres que han de faltar per activar una de-referència completa" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1047,393 +1053,394 @@ msgstr "" "Si la biblioteca LDAP hauria de realitzar una recerca inversa per canonitzar " "el nom d'amfitrió durant la creació del vincle SASL" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "L'atribut entryUSN" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "L'atribut lastUSN" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Quant de temps s'ha de retenir una connexió al servidor LDAP abans de " "desconnectar" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "Inhabilita el control de paginació LDAP" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "Inhabilita la recuperació de l'interval de l'Active Directory" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Període de temps per esperar una petició de cerca" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "Període de temps per esperar una petició d'enumeració" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Període de temps entre les actualitzacions de les enumeracions" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "Període de temps entre les neteges de la memòria cau" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "Requereix TLS per a la recerca d'id." -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Utilitza l'assignació dels id. de l'objectSID en lloc dels id. pre-establerts" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "DN base per a la recerca de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Abast de la recerca de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Filtre per a la recerca de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Objectclass per als usuaris" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "L'atribut nom d'usuari" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "L'atribut UID" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "L'atribut GID primari" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "L'atribut GECOS" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "L'atribut directori inicial" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "L'atribut shell" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "L'atribut UUID" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "L'atribut objectSID" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "L'atribut grup primari de l'Active Directory per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "L'atribut usuari principal (per a Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Nom complet" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "L'atribut memberOf" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "L'atribut data de modificació" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "L'atribut shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "L'atribut shadowMin" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "L'atribut shadowMax" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "L'atribut shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "L'atribut shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "L'atribut shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "L'atribut shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "L'atribut que llista els serveis PAM autoritzats" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "L'atribut que llista els amfitrions dels servidors autoritzats" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 #, fuzzy msgid "Attribute listing authorized server rhosts" msgstr "L'atribut que llista els amfitrions dels servidors autoritzats" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "L'atribut krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "L'atribut krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" "L'atribut que indica l'activació de les polítiques de contrasenya de servidor" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "L'atribut accountExpires de l'AD" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "L'atribut userAccountControl de l'AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "L'atribut nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "L'atribut loginDisabled del NDS" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "L'atribut loginExpirationTime del NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "L'atribut loginAllowedTimeMap del NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "L'atribut clau pública SSH" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "atribut que llista els tipus permesos d'autenticació per a un usuari" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "atribut que conté el certificat X509 de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Una llista dels atributs extres per baixar juntament amb l'entrada de " "l'usuari" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "DN base per a la recerca del grup" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "L'objectclass per als grups" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "Nom del grup" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "Contrasenya del grup" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "L'atribut GID" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "L'atribut membre del grup" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "L'atribut UUID del grup" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "L'atribut data de modificació per als grups" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "Tipus del grup i altres senyals" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +#, fuzzy +msgid "Maximum nesting level SSSD will follow" msgstr "Nivell màxim d'encadenament que seguirà l'SSSd" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "DN base per a la recerca del grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "L'objectclass per als grups de xarxa" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "Nom de grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "L'atribut membres del grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "L'atribut triple del grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "L'atribut data de modificació per als grups de xarxa" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "DN base per a la recerca del servei" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "Objectclass per als serveis" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "L'atribut nom del servei" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "L'atribut port del servei" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "L'atribut protocol del servei" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "Límit inferior per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "Límit superior per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "Nombres d'id. per cada porció en l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Utilitza l'algoritme compatible d'autorid per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "Nom del domini per defecte per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "SID del domini per defecte per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "Utilitza LDAP_MATCHING_RULE_IN_CHAIN per a la recerca del grup" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "Utilitza LDAP_MATCHING_RULE_IN_CHAIN per a la recerca del grup inicial" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "Si s'utilitzen els grups amb testimonis" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Estableix el límit inferior per als id. permesos del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Estableix el límit superior per als id. permesos del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "DN per a les consultes ppolicy" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Política per avaluar el venciment de la contrasenya" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Quins atributs s'haurien d'utilitzar per avaluar si el compte ha vençut" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "Quines regles s'haurien d'utilitzar per avaluar el control d'accés" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI d'un servidor LDAP on es permeten els canvis de contrasenya" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI d'un servidor LDAP de reserva on es permeten els canvis de contrasenya" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "Nom del servei DNS pel servidor LDAP de canvi de contrasenyes" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1441,23 +1448,23 @@ msgstr "" "Si s'actualitza l'atribut ldap_user_shadow_last_change després d'un canvi de " "contrasenya" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "DN base per a la recerca de les regles sudo" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "Període d'actualització automàtica completa" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "Període d'actualització automàtica intel·ligent" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Si es filtren les regles per nom d'amfitrió, adreça IP i xarxa" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1465,288 +1472,292 @@ msgstr "" "Noms d'amfitrió i/o noms de domini plenament qualificat d'aquesta màquina " "per filtrar les regles de sudo" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Adreces IPv4 o IPv6 o xarxa d'aquesta màquina per filtrar regles de sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Si s'inclouen les regles que contenen el grup de xarxa a l'atribut de " "l'amfitrió" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Si s'inclouen les regles que contenen expressions regulars a l'atribut de " "l'amfitrió" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "Objectclass de les regles sudo" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "Nom de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "Attribut command de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "L'atribut host de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "L'atribut user de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "L'atribut option de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "L'atribut runas de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "L'atribut runasuser de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "L'atribut runasgroup de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "L'atribut notbefore de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "L'atribut notafter de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "L'atribut order de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "Objectclass per a les assignacions de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "L'atribut nom de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" "Objectclass per a les entrades de les assignacions de l'eina de muntatge " "automàtic" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" "L'atribut clau d'entrada de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" "L'atribut valor de l'entrada de l'assignació l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" "DN base per a la recerca de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Llista separada per comes dels usuaris autoritzats" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Llista separada per comes dels usuaris no autoritzats" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "El shell predeterminat, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Base per als directoris inicials" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "El nom de la biblioteca NSS a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Si se cerca el nom del grup canònic des de la memòria cau, si és possible" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "Pila PAM a utilitzar" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Esdevé un dimoni (per defecte)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Executa en mode interactiu (no com a dimoni)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Especifica un fitxer de configuració diferent del predeterminat" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "Imprimeix el número de versió i surt" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Nivell de depuració" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Afegeix les marques temporals de depuració" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "Mostra les marques temporals amb microsegons" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "Un descriptor de fitxer obert pels registres de depuració" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "Envia directament la sortida de depuració al stderr." -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "L'usuari amb què es crea la ccache FAST" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "El grup amb què es crea la ccache FAST" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "Domini del proveïdor d'informació (obligatori)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "El sòcol amb privilegis té malament els permisos o el propietari." -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "El sòcol públic té malament els permisos o el propietari." -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "Format inesperat del missatge de les credencials del servidor." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "L'SSSD no s'està executant com a root." -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "S'ha produït un error però no s'ha pogut trobar cap descripció." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "Error inesperat en cercar una descripció de l'error" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "Permís denegat." -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Missatge del servidor: " -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Les contrasenyes no coincideixen" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "No s'admet el restabliment de la contrasenya pel root." -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "S'ha autenticat amb credencials de la memòria cau" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", la vostra contrasenya en memòria cau vencerà el: " -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" "La vostra contrasenya ha vençut. Teniu %1$d inicis de sessió restants de " "cortesia." -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "La vostra contrasenya vencerà en %1$d %2$s." -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "S'ha denegat l'autenticació fins: " -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "El sistema està desconnectat, el canvi de contrasenya no és possible" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1754,39 +1765,44 @@ msgstr "" "Després de canviar la contrasenya OTP, heu de tancar la sessió i tornar-la a " "iniciar per tal d'adquirir un tiquet" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Ha fallat el canvi de contrasenya." -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Nova contrasenya: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Torneu a introduir la nova contrasenya: " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "Primer factor:" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "Segon factor:" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Contrasenya: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Contrasenya actual: " + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Contrasenya actual: " -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "La contrasenya ha vençut. Canvieu ara la vostra contrasenya." @@ -2459,38 +2475,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2528,7 +2544,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/de.po b/po/de.po index 36c7011779e..2878c3832cd 100644 --- a/po/de.po +++ b/po/de.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:45-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: German (http://www.transifex.com/projects/p/sssd/language/" @@ -540,14 +540,14 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "Automatische Aktualisierung des DNS-Eintrags des Clients" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" "Die auf den DNS-Eintrag des Clients anzuwendende TTL, nachdem dieser " "aktualisiert wurde" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "Schnittstelle, deren IP für dynamische DNS-Aktualisierungen verwendet werden " @@ -597,38 +597,43 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +#, fuzzy +msgid "Whether to automatically create private groups for users" +msgstr "Automatische Aktualisierung des DNS-Eintrags des Clients" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "IPA-Domain" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "IPA-Serveradresse" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "Adresse des Ersatz-IPA-Servers" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "IPA-Client-Rechnername" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Gibt an, ob der DNS-Eintrag des Clients in FreeIPA automatisch aktualisiert " "werden soll" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "Suchbasis für HBAC-bezogene Objekte" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "Die Zeitspanne zwischen Suchanfragen der HBAC-Regeln an den IPA-Server" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" @@ -636,64 +641,64 @@ msgstr "" "Die Zeitspanne in Sekunden zwischen Suchanfragen der SELinux-Zuweisung an " "den IPA-Server" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Falls auf »false« gesetzt, wird das von PAM angegebene Host-Argument " "ignoriert" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "Der Automounter-Ort, den dieser IPA-Client verwendet" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" "Suchbasis für Objekte, die Informationen über eine IPA-Domain enthalten" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "Suchbasis für Objekte, die Informationen über ID-Bereiche enthalten" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "DNS-Sites aktivieren – standortbasierte Dienstsuche" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 #, fuzzy msgid "Search base for Desktop Profile related objects" msgstr "Suchbasis für HBAC-bezogene Objekte" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 #, fuzzy msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " @@ -702,308 +707,308 @@ msgstr "" "Die Zeitspanne in Sekunden zwischen Suchanfragen der SELinux-Zuweisung an " "den IPA-Server" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 #, fuzzy msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "Die Zeitspanne zwischen Suchanfragen der HBAC-Regeln an den IPA-Server" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "Active-Directory-Domain" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "Adresse des Active-Directory-Servers" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "Adresse des Ersatz-Active-Directory-Servers" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "Hostname des Active-Directory-Clients" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "LDAP-Filter zum Bestimmen der Zugriffsprivilegien" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "Verwendung des globalen Katalogs für Suchvorgänge" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "Operationsmodus für GPO-basierte Zuhgriffskontrolle" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Kerberos-Serveradresse" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "Adresse des Ersatz-Kerberos-Servers" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Kerberos-Realm" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Zeitüberschreitung bei Authentifizierung" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "Gibt an, ob kdcinfo-Dateien angelegt werden" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "Verzeichnis zum Speichern der Anmeldedaten" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Ort des Zwischenspeichers für die Anmeldedaten des Benutzers" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Ort der Schlüsseltabelle zum Überprüfen von Anmeldedaten" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Validierung der Anmeldedaten aktivieren" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "Passwort im Offline-Modus für spätere Online-Anmeldung speichern" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "Erneuerung der Lebensdauer des TGT" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "Lebensdauer des TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "Zeitspanne zwischen zwei Prüfungen, ob Erneuerung nötig ist" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "Aktiviert FAST" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "Wählt den für FAST zu verwendenden Principal aus" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "Aktiviert Kanonisierung des Principals" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "Enterprise-Principals aktivieren" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Server, auf dem der Dienst zum Ändern des Passworts läuft, falls nicht KDC" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, die URI des LDAP-Servers" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, die URI des LDAP-Servers" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "Vorgegebene Basis-DN" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Der vom LDAP-Server verwendete Schema-Typ gemäß RFC2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "Vorgegebene Bind-DN" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "Typ des Authentifizierungs-Tokens der vorgegebenen Bind-DN" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "Authentifizierungs-Token für die vorgegebene Bind-DN" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Zeitspanne für einen Verbindungsversuch" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Zeitspanne für Versuche zur Ausführung synchroner LDAP-Vorgänge" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Zeitspanne zwischen Versuchen zum erneuten Verbindungsaufbau im Offline-Modus" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "Nur Großschreibung für Realm-Namen verwenden" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "Datei, die CA-Zertifikate enthält" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Pfad zum CA-Zertifikatverzeichnis" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "Datei, die das Client-Zertifikat enthält" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "Datei, die den Client-Schlüssel enthält" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "Liste der möglichen Verschlüsselungs-Suites" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "TLS-Zertifikatüberprüfung erforderlich machen" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Zu verwendenden sasl-Mechanismus angeben" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Zu verwendende ID für sasl-Authentifizierung angeben" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "Zu verwendenden Realm für sasl-Authentifizierung angeben" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Gibt den minimalen SSF für die SASL-Authentifizierung über LDAP an" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Schlüsseltabelle des Kerberos-Dienstes" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Kerberos-Authentifizierung für LDAP-Verbindung verwenden" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "LDAP-Verweisen folgen" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "Lebensdauer von TGT für LDAP-Verbindung" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "Dereferenzierung von Aliasen" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "Dienstname für DNS-Service-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "Anzahl der in einer einzelnen LDAP-Abfrage zu holenden Datensätze" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Anzahl der Elemente, die fehlen müssen, um eine vollständige " "Dereferenzierung auszulösen" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1011,392 +1016,393 @@ msgstr "" "Gibt an, ob die LDAP-Bibliothek eine Rückwärtssuche ausführen soll, um den " "Rechnernamen während einer SASL-Bindung zu kanonisieren" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "entryUSN-Attribut" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "lastUSN-Attribut" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Zeitspanne zum Halten einer Verbindung zum LDAP-Server, bis diese " "unterbrochen wird" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "LDAP-Paging-Steuerung deaktivieren" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "Bereichsermittlung für Active Directory deaktivieren" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Zeitspanne zum Warten auf eine Suchanfrage" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "Zeitspanne zum Warten auf eine Auflistungsanfrage" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Zeitspanne zwischen Auflistungsanfragen" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "Zeitspanne zwischen den Leerungen des Zwischenspeichers" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "TLS für ID-Suchvorgänge erforderlich machen" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "ID-Zuweisung von objectSID anstelle von voreingestellten IDs verwenden" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "Basis-DN für Benutzer-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Bereich für Benutzer-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Filter für Benutzer-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Objektklasse für Benutzer" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "Benutzername-Attribut" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "UID-Attribut" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "Primäres GID-Attribut" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "GECOS-Attribut" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "Home-Verzeichnis-Attribut" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Shell-Attribut" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "objectSID -Attribut" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Active-Directory-Primärgruppen-Attribut für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "Principal-Attribut verwenden (für Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Vollständiger Name" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "memberOf-Attribut" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "Änderungszeit-Attribut" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "shadowLastChange-attribut" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "shadowMin-Attribut" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "shadowMax Attribut" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "shadowWarning-Attribut" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "shadowInactive-Attribut" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "shadowExpire-Attribut" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "shadowFlag-Attribut" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "Attribut, welches die autorisierten PAM-Dienste auflistet" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "Attribut, welches die autorisierten Server-Hosts auflistet" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 #, fuzzy msgid "Attribute listing authorized server rhosts" msgstr "Attribut, welches die autorisierten Server-Hosts auflistet" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange-Attribut" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration-Attribut" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" "Attribut, welches angibt, dass die serverseitigen Passwortregeln aktiv sind" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "accountExpires-Attribut von AD" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "userAccountControl-Attribut von AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "nsAccountLock-Attribut" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "loginDisabled-Attribut von NDS" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "loginExpirationTime-Attribut von NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "loginAllowedTimeMap-Attribut von NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "Attribut für öffentlichen SSH-Schlüssel" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Eine Liste der zusätzlich herunterzuladender Attribute zusammen mit dem " "Benutzereintrag" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "Basis-DN für Gruppen-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "Objektklasse für Gruppen" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "Gruppenname" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "Gruppenpasswort" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "Gruppen-ID-Attribut" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "Gruppen-Mitgliedschafts-Attribut" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "Änderungszeit-Attribut für Gruppen" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "Typ der Gruppe und weitere Flags" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +#, fuzzy +msgid "Maximum nesting level SSSD will follow" msgstr "Maximale Ebene der Verschachtelung, der SSSd folgt" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "Basis-DN für Netzgruppen-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "Objektklasse für Netzgruppen" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "Netzgruppenname" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "Netzgruppen-Mitglieder-Attribut" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "Netzgruppen-Tripel-Attribut" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "Änderungszeit-Attribut für Netzgruppen" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "Basis-DN für Dienste-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "Objektklasse für Dienste" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "Name-Attribut des Dienstes" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "Port-Attribut des Dienstes" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "Protokoll-Attribut des Dienstes" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "Untere Grenze für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "Obere Grenze für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "Anzahl der IDs für jeden Teil bei der ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "autorid-kompatiblen Algorithmus für ID-Zuweisung verwenden" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "Name der Vorgabe-Domain für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "SID der Vorgabedomain für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "LDAP_MATCHING_RULE_IN_CHAIN für Gruppen-Suchanfragen verwenden" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "LDAP_MATCHING_RULE_IN_CHAIN für initgroup-Suchanfragen verwenden" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "Verwendung von Token-Gruppen" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Untere Grenze für zulässige IDs des LDAP-Servers angeben" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Obere Grenze für zulässige IDs des LDAP-Servers angeben" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Regel zum Ermitteln der Ablaufzeit des Passworts" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Attribute, die bei der Ermittlung verwendet werden, ob ein Konto abgelaufen " "ist" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "Regeln für die Ermittlung der Zugriffskontrolle" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI eines LDAP-Servers, wo Passwortänderungen zulässig sind" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "URI eines Ersatz-LDAP-Servers, wo Passwortänderungen zulässig sind" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "DNS-Dienstname für den LDAP-Passwortänderungsserver" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1404,25 +1410,25 @@ msgstr "" "Gibt an, ob das Attribut ldap_user_shadow_last_change nach einer " "Passwortänderung aktualisiert werden soll" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "Basis-DN für Suchanfragen nach Sudo-Regeln" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "Periode für automatische vollständige Aktualisierung" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "Periode für bedingte vollständige Aktualisierung" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Gibt an, ob Regeln nach Hostnamen, IP-Adressen oder Netzwerken gefiltert " "werden sollen" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1430,285 +1436,289 @@ msgstr "" "Hostnamen und/oder voll ausgeschriebene Domain-Namen dieses Rechners zum " "Filtern von Sudo-Regeln" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "IPv4- oder IPv6-Adressen oder Netzwerk dieses Rechners zum Filtern von sudo-" "Regeln" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die " "Netzgruppen enthalten" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die reguläre " "Ausdrücke enthalten" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "Objektklasse für Sudo-Regeln" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "Sudo-Regelname" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "Befehlsattribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "Host-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "Benutzer-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "Optionsattribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "runasuser-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "runasgroup-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "notbefore-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "notafter-Attribut der sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "Reihenfolge-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "Objektklasse für Automounter-Zuweisungen" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "Name-Attribut der Automounter-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "Objektklasse für Einträge von Automounter-Zuweisungen" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "Schlüssel-Attribut des Automounter-Zuweisungseintrags" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "Wert-Attribut des Automounter-Zuweisungseintrags" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "Basis-DN für Suchanfragen nach Automounter-Zuweisungen" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Durch Kommata getrennte Liste der erlaubten Benutzer" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Durch Kommata getrennte Liste der verbotenen Benutzer" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Vorgabeshell, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Wurzel für Benutzerverzeichnisse" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "Name der zu verwendenden NSS-Bibliothek" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Gibt an, ob wenn möglich im Zwischenspeicher nach dem kanonischen " "Gruppennamen gesucht werden soll" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "Zu verwendender PAM-Stapel" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Zum Hintergrunddienst werden (Vorgabe)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Interaktiv ausführen (nicht als Hintergrunddienst)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Angabe einer nicht standardmäßigen Konfigurationsdatei" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "Versionsnummer ausgeben und das Programm beenden" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Fehlerdiagnosestufe" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Debug-Zeitstempel hinzufügen" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "Zeitstempel mit Mikrosekunden anzeigen" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "Offener Dateideskriptor für die Debug-Protokolle" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "Domain des Informationsanbieters (obligatorisch)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "Privilegierter Socket hat falsche Eigentums- oder Zugriffsrechte." -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "Öffentlicher Socket hat falsche Eigentums- oder Zugriffsrechte." -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "Unerwartetes Format der Server-Anmeldenachricht." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "SSSD wird nicht durch Root ausgeführt." -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" "Ein Fehler ist aufgetreten, aber es kann keine Beschreibung gefunden werden." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "Unerwarteter Fehler beim Suchen nach einer Fehlerbeschreibung" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Server-Meldung: " -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Passwörter stimmen nicht überein" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "Das Zurücksetzen des Passworts durch Root wird nicht unterstützt." -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "Authentifiziert mit zwischengespeicherten Anmeldedaten" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", Ihr zwischengespeichertes Passwort läuft ab am: " -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" "Ihr Passwort ist abgelaufen. Ihnen verbleiben nur noch %1$d Anmeldungen." -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Ihr Passwort wird in %1$d %2$s ablaufen." -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "Authentifizierung wird verweigert bis: " -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "System ist offline, Änderung des Passworts ist nicht möglich" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1716,39 +1726,44 @@ msgstr "" "Nach dem Ändern des OTP-Passworts müssen Sie sich ab- und wieder anmelden, " "um ein Ticket erhalten zu können" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Änderung des Passworts fehlgeschlagen. " -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Neues Passwort: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Neues Passwort wiederholen: " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Passwort: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Aktuelles Passwort: " + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Aktuelles Passwort: " -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "Passwort ist abgelaufen. Ändern Sie Ihr Passwort jetzt." @@ -2424,38 +2439,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2493,7 +2508,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/es.po b/po/es.po index 93f9183d3a9..effdb807409 100644 --- a/po/es.po +++ b/po/es.po @@ -16,7 +16,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:45-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Spanish (http://www.transifex.com/projects/p/sssd/language/" @@ -524,12 +524,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "La interfaz cuya IP debería ser utilizada para actualizaciones DNS " @@ -575,100 +575,106 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +#, fuzzy +msgid "Whether to automatically create private groups for users" +msgstr "" +"Si actualizar o no en forma automática la entrada DNS del cliente en FreeIPA" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "Dominio IPA" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "Dirección del servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "Nombre de equipo del cliente IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Si actualizar o no en forma automática la entrada DNS del cliente en FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "Búsqueda base para objetos HBAC" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" "Cantidad de tiempo entre búsquedas de reglas HBAC contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Si se lo define en 'false', será ignorado el argumento de equipo ofrecido " "por PAM" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "La ubicación de montaje automático que este cliente de IPA está usando" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 #, fuzzy msgid "Search base for Desktop Profile related objects" msgstr "Búsqueda base para objetos HBAC" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 #, fuzzy msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " @@ -676,7 +682,7 @@ msgid "" msgstr "" "Cantidad de tiempo entre búsquedas de reglas HBAC contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 #, fuzzy msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " @@ -684,302 +690,302 @@ msgid "" msgstr "" "Cantidad de tiempo entre búsquedas de reglas HBAC contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "Filtro LDAP para determinar privilegios de acceso" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Dirección del servidor Kerberos" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Reinado Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Expiración de la autenticación" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "Directorio donde almacenar las credenciales cacheadas" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Ubicación del caché de credenciales del usuario" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Ubicación de la tabla de claves para validar las credenciales" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Habilitar la validación de credenciales" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" "Si se encuentra desconectado, almacena contraseñas para más tarde realizar " "una autenticación en línea" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "ciclo de vida renovable del TGT" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "ciclo de vida del TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "tiempo entre dos comprobaciones para renovación " -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "Habilita FAST" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "Selecciona el principal para su uso por FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "Habilita canonicalización principal" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" "El servidor en donde está ejecutándose el servicio de modificación de " "contraseña, en caso de no ser KDC. " -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, El URI del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "DN base predeterminado" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "El Tipo de Esquema a usar en el servidor LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "El DN Bind predeterminado" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "El tipo del token de autenticación del DN bind predeterminado" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "El token de autenticación del DN bind predeterminado" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Tiempo durante el que se intentará la conexión" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Tiempo durante el que se intentará operaciones LDAP sincrónicas" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "Tiempo entre intentos de reconexión cuando esté fuera de línea" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "Use solo el caso superior para nombres reales" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "Archivo que contiene los certificados CA" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Ruta hacia un directorio certificado CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "Fichero que contiene el certificado de cliente" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "Fichero que contiene la llave de cliente" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "Lista de posibles suites de cifrado" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Requiere la verificación de certificado TLS" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Especificar el mecanismo sasl a usar" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Especifique el id de autorización sasl a usar" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "Especifica el reinado de autorización sasl a ser utilizado" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Especificar los SSF mínimos para autorizaciones sasl de LDAP" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Tabla de clave del servicio Kerberos" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Usar auth Kerberos para la conexión LDAP" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "Seguir referencias LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "Período de vida del TGT para la conexión LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "Como eliminar aliases" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "Nombre de servicio para busquedas de servicios DNS" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "La cantidad de registros a ser obtenidos en una única consulta LDAP" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "La cantidad de miembros que deben faltar para desencadenar una deref completa" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -987,728 +993,738 @@ msgstr "" "Si la Biblioteca LDAP debería realizar una búsqueda inversa para " "canonicalizar el nombre del host durante un enlace SASL" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "atributo entryUSN" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "atributo lastUSN" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "El período de tiempo máximo para retener una conexión con el servidor LDAP " "antes de desconectar" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "Deshabilita el control de paginación LDAP" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Tiempo máximo a esperar un pedido de búsqueda" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "periodo de espera para solicitud de enumeración" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Tiempo en segundos entre las actualizaciones de enumeración" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "periodo de tiempo entre borrados de la caché" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "Requiere TLS para búsquedas de ID" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "DN base para búsquedas de usuario" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Ambito de las búsquedas del usuario" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Filtro para las búsquedas del usuario" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Objectclass para los usuarios" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "Atributo Username" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "Atributo UID" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "Atributo GID primario" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "Atributo GECOS" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "Atributo Directorio de inicio" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Atributo shell" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "Atributo principal del usuario (para Kerberos) " -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Nombre completo" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "Atributo memberOf" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "Atributo hora de modificación" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "atributo shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "atributo shadowMin " -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "atributo shadowMax" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "atributo shadowWarning " -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "atributo shadowInactive " -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "atributo shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "atributo shadowFlag " -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "listado de atributos de servicios PAM autorizados" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "Atributo de listado de equipos de servidor autorizados" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 #, fuzzy msgid "Attribute listing authorized server rhosts" msgstr "Atributo de listado de equipos de servidor autorizados" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "atributo krbLastPwdChange " -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "atributo krbPasswordExpiration " -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" "atributo indicando que las políticas de contraseña del lado del servidor " "están activas" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "atributo accountExpires de AD" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "atributo userAccountControl de AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "atributo nsAccountLock " -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "loginDisabled atributo de NDS" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "loginExpirationTime atributo de NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "loginAllowedTimeMap atributo de NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "Atributo de clave pública SSH" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "DN base para busqueda de grupos" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "clase objeto para" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "Nombre del grupo" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "Contraseña del grupo" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "Atributo GID" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "Atributo de miembro del grupo" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "Atributo de modificación de tiempo para los grupos" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +#, fuzzy +msgid "Maximum nesting level SSSD will follow" msgstr "A continuación, nivel SSSD de anidado máximo" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "DN base para búsquedas de grupos de red" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "Clases de objetos para grupos de red" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "Nombre de grupo de red" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "Atributo de miembros de grupos de red" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "Atributo triple de grupo de red" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "Atributo de modificación de tiempo para grupos de red" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "Base DN para servicio de búsquedas" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "Clase de objeto para servicio" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "Atributo de nombre de servicio" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "Atributo de puerto de servicio" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "Atributo de protocolo de servidor" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Política para evaluar el vencimiento de la contraseña" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Los atributos que deberán ser utilizados para evaluar si una cuenta ha " "expirado" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "Las reglas que deberían ser utilizadas para evaluar control de acceso" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" "URI de un servidor LDAP donde se permite la modificación de contraseñas" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" "Nombre del servicio DNS para el servidor de modificación de contraseñas LDAP" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "Base DN para búsquedas de reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "Objeto clase para reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "Nombre de regla sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "Atributo de regla de comando sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "Atributo de la regla host de sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "Atributo de la regla usuario de sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "Atributo de la regla opción de sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "Atributo de la regla suda runasuser" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "Atributo de regla runasgroup de sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "Atributo de regla notbefore de sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "Atributo de regla noafter de sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "Atributo de regla orden de sudo" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "Objeto clase para mapas automontador" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "Atributo de nombre de mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "Objeto clase para entradas de mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "Atributo de clave de entrada para mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "Atributo de valor de entrada para mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "Base DN para búsquedas de mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Lista separada por comas de usuarios autorizados" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Lista separada por comas de usuarios prohibidos" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Shell predeterminado, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Base de los directorios de inicio" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "Nombre de la biblioteca NSS a usar" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "Pila PAM a usar" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Convertirse en demonio (predeterminado)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Ejecutarse en forma interactiva (no un demonio)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Indicar un archivo de configuración diferente al predeterminado" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "Muestra el número de versión y finaliza" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Nive de depuración" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Agregar marcas de tiempo de depuración" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "Mostrar marcas de tiempo con microsegundos" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "Un arhivo abierto de descriptor para los registros de depuración" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "Dominio del proveedor de información (obligatorio)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "El zócalo privilegiado posee permisos o pertenencia equivocados." -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "El zócalo público posee permisos o pertenencia equivocados." -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "Formato no esperado del mensaje de la credencial del servidor." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "SSSD no está siendo ejecutado por el usuario root." -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "Ha ocurrido un error, pero no se ha podido encontrar una descripción." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" "Ha ocurrido un error no esperado mientras se buscaba la descripción del error" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Mensaje del servidor:" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Las contraseñas no coinciden" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "No existe soporte para reseteado de la contraseña por el usuario root." -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "Autenticado mediante credenciales cacheada" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", su contraseña cacheada vencerá el:" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "La autenticación ha sido denegada hasta:" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "El sistema está fuera de línea, no se puede cambiar la contraseña" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Falló el cambio de contraseña." -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Nueva contraseña: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Reingrese la contraseña nueva:" -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Contraseña: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Contraseña actual: " + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Contraseña actual: " -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "La contraseña ha expirado. Modifíquela en este preciso momento." @@ -2362,38 +2378,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2431,7 +2447,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/eu.po b/po/eu.po index 3fb2e5fbc76..9f04c1cdee7 100644 --- a/po/eu.po +++ b/po/eu.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:45-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/" @@ -492,12 +492,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" @@ -541,1114 +541,1127 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "IPA domeinua" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "IPA zerbitzariaren helbidea" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "IPA bezeroaren ostalari-izena" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "FAST gaitzen du" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "entryUSN atributua" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "lastUSN atributua" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "UID atributua" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "objectSID atributua" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Izen osoa" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "shadowLastChange atributua" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "shadowMin atributua" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "shadowMax atributua" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "shadowWarning atributua" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "shadowInactive atributua" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "shadowExpire atributua" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "shadowFlag atributua" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange atributua" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration atributua" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "ADren accountExpires atributua" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "ADren userAccountControl atributua" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "nsAccountLock atributua" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "Talde-izena" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "Taldearen pasahitza" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "GID atributua" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Shell lehenetsia, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "Inprimatu bertsio zenbakia eta irten" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Arazketa maila" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Gehitu arazketako data-zigiluak" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Huts egin du pasahitza aldatzeak. " -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Pasahitz berria: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Berriz sartu pasahitz berria: " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Pasahitza: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Uneko pasahitza: " + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Uneko pasahitza: " -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "Pasahitza iraungita. Aldatu zure pasahitza orain." @@ -2281,38 +2294,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2350,7 +2363,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/fr.po b/po/fr.po index 2fd7ce3fc00..654437a2628 100644 --- a/po/fr.po +++ b/po/fr.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2016-02-24 03:43-0500\n" "Last-Translator: Jérôme Fenal \n" "Language-Team: French (http://www.transifex.com/projects/p/sssd/language/" @@ -540,12 +540,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "Choisir de mettre à jour automatiquement l'entrée DNS du client" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "Le TTL à appliquer à l'entrée DNS du client après modification" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "L'interface dont l'adresse IP doit être utilisée pour les mises à jour " @@ -595,149 +595,154 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +#, fuzzy +msgid "Whether to automatically create private groups for users" +msgstr "Choisir de mettre à jour automatiquement l'entrée DNS du client" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "Domaine IPA" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "Adresse du serveur IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "Adresse du serveur IPA de secours" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "Nom de système du client IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Choisir de mettre à jour automatiquement l'entrée DNS du client dans FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "Base de recherche pour les objets HBAC" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "Délai entre les recherches de règles HBAC sur le serveur IPA" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "Délai entre les recherches de cartes SELinux sur le serveur IPA" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "Si mit à false, l’argument de l'hôte donné par PAM est ignoré" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" "L'emplacement de la carte de montage automatique utilisée par le client IPA" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" "Base de recherche pour l'objet contenant les informations de base à propos " "du domaine IPA" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" "Base de recherche pour les objets contenant les informations à propos des " "plages d'ID" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "Activer les sites DNS - découverte de service basée sur l'emplacement" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "Base de recherche des conteneurs de vues" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "Classe d'objet pour les conteneurs de vues" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "Attribut avec le nom de la vue" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "Classe d'objet surchargeant les objets" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "Attribut faisant référence à l'objet originel " -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "Classe d'objet surchargeant les utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "Classe d'objet surchargeant les groupes" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 #, fuzzy msgid "Search base for Desktop Profile related objects" msgstr "Base de recherche pour les objets HBAC" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 #, fuzzy msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "Délai entre les recherches de cartes SELinux sur le serveur IPA" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 #, fuzzy msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "Délai entre les recherches de règles HBAC sur le serveur IPA" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "Domaine Active Directory" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "Adresse du serveur Active Directory" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "Adresse du serveur Active Directory de secours" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "Nom de système du client Active Directory" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "Filtre LDAP pour déterminer les autorisations d'accès" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "Choisir d'utiliser ou non le catalogue global pour les recherches" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "Mode opératoire pour les contrôles d'accès basé sur les GPO" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" @@ -745,7 +750,7 @@ msgstr "" "Durée entre les recherches de fichiers de politiques de GPO dans le serveur " "AD" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" @@ -753,7 +758,7 @@ msgstr "" "Noms de services PAM correspondant à la configuration de la politique " "(Deny)InteractiveLogonRight de la GPO" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" @@ -761,266 +766,267 @@ msgstr "" "Noms de services PAM correspondant à la configuration de la politique " "(Deny)RemoteInteractiveLogonRight de la GPO" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" "Noms de services PAM correspondant à la configuration de la politique " "(Deny)NetworkLogonRight de la GPO" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" "Noms de services PAM correspondant à la configuration de la politique " "(Deny)BatchLogonRight de la GPO" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" "Noms de services PAM correspondant à la configuration de la politique " "(Deny)ServiceLogonRight de la GPO" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" "Noms de services PAM pour lesquels les accès s'appuyant sur la GPO sont " "toujours autorisés" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" "Noms de services PAM pour lesquels les accès s'appuyant sur la GPO sont " "toujours interdits" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" "Droit de connexion par défaut (ou permission/interdiction) à utiliser pour " "les noms de services sans correspondance" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "un site particulier utilisé par le client" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Adresse du serveur Kerberos" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "Adresse du serveur Kerberos de secours" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Domaine Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Délai avant expiration de l'authentification" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "Choisir de créer ou non les fichiers kdcinfo" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "Où déposer les extraits de configuration krb5" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "Répertoire pour stocker les caches de crédits" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Emplacement du cache de crédits de l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Emplacement du fichier keytab de validation des crédits" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Activer la validation des crédits" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" "Stocker le mot de passe, si hors-ligne, pour une authentification ultérieure " "en ligne" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "Durée de vie renouvelable du TGT" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "Durée de vie du TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "Durée entre deux vérifications pour le renouvellement" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "Active FAST" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "Sélectionne le principal à utiliser avec FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "Active la canonisation du principal" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "Active les principals d'entreprise" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +#, fuzzy +msgid "A mapping from user names to Kerberos principal names" msgstr "" "Une liste de correspondances entre noms d'utilisateurs et noms de principaux " "kerberos" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Serveur où tourne le service de changement de mot de passe s'il n'est pas " "sur le KDC" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, l'adresse du serveur LDAP" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, l'URI du serveur LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "La base DN par défaut" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Le type de schéma utilisé sur le serveur LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "Le DN de connexion par défaut" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "Le type de jeton d'authentification du DN de connexion par défaut" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "Le jeton d'authentification du DN de connexion par défaut" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Durée pendant laquelle il sera tenté d'établir la connexion" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Durée pendant laquelle il sera tenté des opérations LDAP synchrones" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "Durée d'attente entre deux essais de reconnexion en mode hors-ligne" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "N'utiliser que des majuscules pour les noms de domaine" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "Fichier contenant les certificats des CA" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Chemin vers le répertoire de certificats des CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "Fichier contenant le certificat client" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "Fichier contenant la clé du client" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "Liste des suites de chiffrement possibles" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Requiert une vérification de certificat TLS" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Spécifier le mécanisme SASL à utiliser" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Spécifier l'identité d'authorisation SASL à utiliser" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "Spécifier le domaine d'authorisation SASL à utiliser" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Spécifie le minimum SSF pour l'autorisation sasl LDAP" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Service du fichier keytab de Kerberos" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Utiliser l'authentification Kerberos pour la connexion LDAP" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "Suivre les référents LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "Durée de vie du TGT pour la connexion LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "Comment déréférencer les alias" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "Nom du service pour les recherches DNS" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "Le nombre d'enregistrements à récupérer dans une requête LDAP unique" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Nombre de membres qui doivent être manquants pour activer un déréférencement " "complet" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1028,400 +1034,401 @@ msgstr "" "Est-ce que la bibliothèque LDAP doit effectuer une requête pour canoniser le " "nom d'hôte pendant une connexion SASL ?" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "attribut entryUSN" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "attribut lastUSN" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Combien de temps conserver la connexion au serveur LDAP avant de se " "déconnecter" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "Désactiver le contrôle des pages LDAP" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "Désactiver la récupération de plage Active Directory." -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Durée d'attente pour une requête de recherche" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "Durée d'attente pour une requête d'énumération" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Durée entre deux mises à jour d'énumération" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "Durée entre les nettoyages de cache" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "TLS est requis pour les recherches d'identifiants" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Utilisation de la correspondance d'ID pour les objectSID au lieu d'ID pré-" "établis" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "Base DN pour les recherches d'utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Scope des recherches d'utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Filtre pour les recherches d'utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Classe d'objet pour les utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "Attribut de nom d'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "Attribut UID" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "Attribut de GID primaire" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "Attribut GECOS" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "Attribut de répertoire utilisateur" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Attribut d'interpréteur de commandes" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "attribut UUID" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "attribut objectSID" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Groupe primaire Active Directory pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "Attribut d'utilisateur principal (pour Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Nom complet" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "Attribut memberOf" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "Attribut de date de modification" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "Attribut shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "Attribut shadowMin" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "Attribut shadowMax" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "Attribut shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "Attribut shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "Attribut shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "Attribut shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "Attribut listant les services PAM autorisés" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "Attribut listant les systèmes serveurs autorisés" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 #, fuzzy msgid "Attribute listing authorized server rhosts" msgstr "Attribut listant les systèmes serveurs autorisés" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "Attribut krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "Attribut krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" "Attribut indiquant que la stratégie de mot de passe du serveur est active" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "Attribut AD accountExpires" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "Attribut AD userAccountControl" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "Attribut nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "Attribut NDS loginDisabled" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "Attribut NDS loginExpirationTime" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "Attribut NDS loginAllowedTimeMap" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "Attribut de clé public SSH" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" "attribut énumérant les types d'authentification autorisés pour un utilisateur" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "attribut contenant le certificat X509 de l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Une liste des attributs supplémentaires à télécharger avec l'entrée de " "l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "DN de base pour les recherches de groupes" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "Classe d'objet pour les groupes" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "Nom du groupe" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "Mot de passe du groupe" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "Attribut GID" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "Attribut membre du groupe" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "attribut de l'UUID du groupe" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "Attribut de date de modification pour les groupes" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "Type de groupe et autres indicateurs" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +#, fuzzy +msgid "Maximum nesting level SSSD will follow" msgstr "Niveau de récursion maximum que SSSd doit suivre" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "DN de base pour les recherches de netgroup" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "Classe d'objet pour les groupes réseau" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "Nom du groupe réseau" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "Attribut des membres des groupes réseau" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "Attribut triplet du groupe réseau" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "Attribut date de modification pour les groupes réseau" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "Nom de domaine (DN) de base pour les recherches de service" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "Classe objet pour les services" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "Attribut de nom de service" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "Attribut de port du service" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "Attribut de service du protocole" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "Limite inférieure pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "Limite supérieure pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "Nombre d'ID par tranche pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" "Utilisation d'un algorithme compatible autorid pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "Nom du domaine par défaut pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "SID du domaine par défaut pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" "Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes " "d'initialisation" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "Choisir d'utiliser ou non les groupes de jetons" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" "Définir la limite inférieure d'identifiants autorisés pour l'annuaire LDAP" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" "Définir la limite supérieure d'identifiants autorisés pour l'annuaire LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "DN pour les requêtes sur ppolicy" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Stratégie d'évaluation de l'expiration du mot de passe" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "Quels attributs utiliser pour déterminer si un compte a expiré" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "Quelles règles utiliser pour évaluer le contrôle d'accès" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI d'un serveur LDAP où les changements de mot de passe sont acceptés" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI d'un serveur LDAP de secours où sont autorisées les modifications de mot " "de passe" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "Nom du service DNS pour le serveur de changement de mot de passe LDAP" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1429,23 +1436,23 @@ msgstr "" "Choix de mise à jour de l'attribut ldap_user_shadow_last_change après un " "changement de mot de passe" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "Nom de domaine (DN) de base pour les recherches de règles sudo" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "Périodicité de rafraichissement total" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "Périodicité de rafraichissement intelligent" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Filter ou non sur les noms de systèmes, adresses IP et réseaux" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1453,285 +1460,289 @@ msgstr "" "Noms de systèmes et/ou noms pleinement qualifiés de cette machine pour " "filtrer les règles sudo" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Adresses ou réseaux IPv4 ou IPv6 de cette machine pour filtrer les règles " "sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Inclure ou non les règles qui contiennent un netgroup dans l'attribut host" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Inclure ou non les règles qui contiennent une expression rationnelle dans " "l'attribut host" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "Classe objet pour les règles sudo" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "Règle de nom sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "Attribut de commande de règle sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "Attribut hôte de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "Attribut utilisateur de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "Attribut option de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "Attribut de règle sudo runas" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "Attribut runasuser de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "Attribut runasgroup de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "Attribut notbefore de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "Attribut notafter de règle sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "Attribut d'ordre de règle sudo" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "Classe objet pour la carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "Nom de l'attribut de carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "Classe objet pour l'entrée de référence de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "Attribut de clé d'entrée pour la carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "Attribut de valeur pour la carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "Base DN pour les requêtes de carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Liste, séparée par des virgules, d'utilisateurs autorisés" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Liste, séparée par des virgules, d'utilisateurs interdits" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Interpréteur de commande par défaut : /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Base pour les répertoires utilisateur" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "Nom de la bibliothèque NSS à utiliser" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "Rechercher le nom canonique du groupe dans le cache si possible" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "Pile PAM à utiliser" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Devenir un démon (par défaut)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Fonctionner en interactif (non démon)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Définir un fichier de configuration différent de celui par défaut" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "Afficher le numéro de version et quitte" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Niveau de débogage" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Ajouter l'horodatage au débogage" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "Afficher l'horodatage en microsecondes" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "Un descripteur de fichier ouvert pour les journaux de débogage" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "Envoyer la sortie de débogage directement vers l'erreur standard." -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "L'utilisateur à utiliser pour la création du ccache FAST" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "Le groupe à utiliser pour la création du ccache FAST" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "Domaine du fournisseur d'informations (obligatoire)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" "Le socket privilégié a de mauvaises permissions ou un mauvais propriétaire." -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" "Le socket public a de mauvaises permissions ou un mauvais propriétaire." -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "Le message du serveur de crédits a un format inattendu." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "SSSD n'est pas démarré par root." -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "Une erreur est survenue mais aucune description n'est trouvée." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "Erreur inattendue lors de la recherche de la description de l'erreur" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "Accès refusé." -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Message du serveur : " -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Les mots de passe ne correspondent pas" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" "La réinitialisation du mot de passe par root n'est pas prise en charge." -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "Authentifié avec les crédits mis en cache" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", votre mot de passe en cache expirera à :" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" "Votre mot de passe a expiré. Il vous reste %1$d connexion(s) autorisée(s)." -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Votre mot de passe expirera dans %1$d %2$s." -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "L'authentification est refusée jusque :" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "" "Le système est hors-ligne, les modifications du mot de passe sont impossibles" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1739,39 +1750,44 @@ msgstr "" "Après avoir modifié le mot de passe OTP, vous devez vous déconnecter et vous " "reconnecter afin d'acquérir un ticket" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Échec du changement de mot de passe." -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Nouveau mot de passe : " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Retaper le nouveau mot de passe : " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "Premier facteur :" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "Second facteur :" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Mot de passe : " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Mot de passe actuel : " + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Mot de passe actuel : " -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "Mot de passe expiré. Changez votre mot de passe maintenant." @@ -2453,38 +2469,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2522,7 +2538,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/hu.po b/po/hu.po index 579997fa8d2..738201d5e4e 100644 --- a/po/hu.po +++ b/po/hu.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:45-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Hungarian (http://www.transifex.com/projects/p/sssd/language/" @@ -494,12 +494,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" @@ -543,1114 +543,1127 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "IPA-tartomány" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "IPA kiszolgáló címe" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "IPA kliens hosztneve" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Kerberos-kiszolgáló címe" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Kerberos-tartomány" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Időtúllépés azonosításkor" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, az LDAP szerver URI-ja" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "Alapértelmezett LDAP alap-DN-je" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Az LDAP szerveren használt séma-típus, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "Az alapértelmezett bind DN" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "A kapcsolódási próbálkozás időtartama" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "A CA tanusítványokat tartalmazó fájl" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "TLS tanusítvány ellenőrzése" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "TLS megkövetelése ID keresésekor" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "GECOS attribútum" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Shell attribútum" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Teljes név" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "memberOf attribútum" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "Csoport neve" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "Csoport jelszava" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Alapértelmezett shell, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Időbélyegek a hibakeresési kimenetben" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "Mikroszekundum pontosságú időbélyegek" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "Az SSSD nem root-ként fut." -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "Hiba lépett fel, de nem érhetőek el részletek." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Szerver üzenete:" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "A jelszavak nem egyeznek" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "A jelszó root általi visszaállítása nem támogatott." -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "Azonosítva gyorsítótárazott adatbázisból" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", a gyorsítótárazott jelszó lejár ekkor: " -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "A bejelentkezés tiltott eddig:" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "A rendszer nem érhető el, a jelszó megváltoztatása nem lehetséges" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "A jelszó megváltoztatása nem sikerült." -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Új jelszó:" -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Jelszó mégegyszer: " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Jelszó: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Jelenlegi jelszó:" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Jelenlegi jelszó:" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "A jelszava lejárt, változtass meg most." @@ -2285,38 +2298,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2354,7 +2367,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/id.po b/po/id.po index 602c3411183..d8fed3114f2 100644 --- a/po/id.po +++ b/po/id.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:46-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Indonesian (http://www.transifex.com/projects/p/sssd/language/" @@ -492,12 +492,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" @@ -541,1114 +541,1127 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "Domain IPA" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "Alamat server IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "Nama host klien IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Alamat server Kerberos" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Realm Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, URI server LDAP" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Jenis Skema yang digunakan pada server LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Lamanya waktu untuk mencoba koneksi" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Lamanya waktu untuk mencoba operasi LDAP yang sinkron" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "Lamanya waktu antara upaya untuk menyambung kembali saat luring" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Membutuhkan verifikasi sertifikat TLS" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Tentukan mekanisme sasl yang digunakan" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Tentukan id otorisasi sasl yang digunakan" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Keytab layanan Kerberos" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Gunakan otentikasi Kerberos untuk koneksi LDAP" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Lingkup pencarian pengguna" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Filter pencarian pengguna" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Objectclass untuk pengguna" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "Atribut Nama pengguna" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "Atribut UID" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "Atribut GID Primer" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "Atribut GECOS" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "Atribut direktori Home" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Atribut Shell" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "Atribut utama pengguna (untuk Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Nama Lengkap" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "Atribut memberOf" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "Atribut waktu modifikasi" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Daftar pengguna yang diijinkan dalam format yang dipisahkan koma" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Daftar pengguna yang tidak diijinkan dalam format yang dipisahkan koma" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Shell default, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Pesan server:" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Kata sandi tidak cocok" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "Sistem sedang luring, perubahan kata sandi tidak dimungkinkan" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Perubahan kata sandi gagal." -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Kata Sandi Baru: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Masukkan lagi kata sandi baru:" -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Kata sandi:" -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Kata sandi saat ini:" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Kata sandi saat ini:" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "" @@ -2295,38 +2308,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2364,7 +2377,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/it.po b/po/it.po index 2f052f381dc..35510a32582 100644 --- a/po/it.po +++ b/po/it.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:46-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Italian (http://www.transifex.com/projects/p/sssd/language/" @@ -500,12 +500,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "L'interfaccia il cui indirizzo IP dovrebbe essere usato per aggiornamenti " @@ -551,1115 +551,1128 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "Dominio IPA" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "Indirizzo del server IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "Hostname del client IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "Filtro LDAP per determinare i privilegi di accesso" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Indirizzo del server Kerberos" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Realm Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Timeout di autenticazione" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "Directory in cui salvare le credenziali" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Percorso della cache delle credenziali utente" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Percorso del keytab per la validazione delle credenziali" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Abilita la validazione delle credenziali" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "Intervallo di tempo tra due controlli di rinnovo" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "Abilita FAST" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Server dove viene eseguito il servizio di cambio password, se non nel KDC" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, l'indirizzo del server LDAP" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "Il base DN predefinito" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Lo Schema Type utilizzato dal server LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "Il bind DN predefinito" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "Il tipo di token di autenticazione del bind DN predefinito" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "Il token di autenticazione del bind DN predefinito" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Durata del tentativo di connessione" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Durata del tentativo di esecuzione di operazioni LDAP sincrone" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "Durata tra tentativi di riconnessione quando offline" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "Usare solo maiuscole per i nomi dei realm" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "File contenente i certificati CA" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Percorso della directory dei cerficati della CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "File contenente il certificato client" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "File contenente la chiave client" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "Lista delle possibili cipher suite" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Richiedere la verifica del certificato TLS" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Specificare il meccanismo sasl da usare" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Specificare l'id di autorizzazione sasl da usare" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Keytab del servizio Kerberos" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Usare autorizzazione Kerberos per la connessione LDAP" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "Seguire i referral LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "Metodo di deferenziazione degli alias" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Durata attesa per le richieste di ricerca" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Durata tra gli aggiornamenti alle enumeration" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "Intervallo di tempo per la pulizia cache" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "Richiedere TLS per gli ID lookup" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "Base DN per i lookup utente" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Ambito di applicazione dei lookup utente" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Filtro per i lookup utente" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Objectclass per gli utenti" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "Attributo del nome utente" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "Attributo UID" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "Attributo del GID primario" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "Attributo GECOS" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "Attributo della home directory" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Attributo della shell" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "Attributo user principal (per Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Nome completo" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "Attributo memberOf" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "Attributo data di modifica" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Politica per controllare la scadenza della password" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Lista separata da virgola degli utenti abilitati" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Lista separata da virgola degli utenti non abilitati" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Shell predefinita, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Base delle home directory" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "Il nome della libreria NSS da usare" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "Stack PAM da usare" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Esegui come demone (default)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Esegui interattivamente (non come demone)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Specificare un file di configurazione specifico" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Livello debug" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Includi timestamp di debug" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "Un descrittore di file aperto per l'output di debug" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "Dominio del provider di informazioni (obbligatorio)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "Il socket privilegiato ha permessi o propritario non validi." -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "Il socket pubblico ha permessi o propritario non validi." -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "SSSD non è eseguito da root." -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Messaggio del server:" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Le password non coincidono" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "Autenticato con le credenziali nella cache" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", la password in cache scadrà il: " -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "L'autenticazione verrà negata fino al: " -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "Il sistema è offline, non è possibile richiedere un cambio password" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Cambio password fallito." -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Nuova password: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Conferma nuova password: " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Password: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Password corrente: " + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Password corrente: " -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "Password scaduta. Cambiare la password ora." @@ -2311,38 +2324,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2380,7 +2393,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/ja.po b/po/ja.po index c9d17f999d4..8d078aa8342 100644 --- a/po/ja.po +++ b/po/ja.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2016-08-18 08:06-0400\n" "Last-Translator: Noriko Mizumoto \n" "Language-Team: Japanese (http://www.transifex.com/projects/p/sssd/language/" @@ -501,12 +501,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "自動的にクライアントの DNS エントリーを更新するかどうか" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "クライアントの DNS 項目を更新後、適用する TTL" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "動的 DNS 更新のために使用される IP のインターフェース" @@ -551,400 +551,405 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +#, fuzzy +msgid "Whether to automatically create private groups for users" +msgstr "自動的にクライアントの DNS エントリーを更新するかどうか" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "IPA ドメイン" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "IPA サーバーのアドレス" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "バックアップ IPA サーバーのアドレス" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "IPA クライアントのホスト名" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "FreeIPA にあるクライアントの DNS エントリーを自動的に更新するかどうか" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "HBAC 関連オブジェクトの検索ベース" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "IPA サーバーに対する HBAC ルールを検索している間の合計時間" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "IPA サーバーに対する SELinux マップの検索の間の秒単位の合計時間" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "もし偽に設定されていると、 PAM により渡されたホスト引数は無視されます" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "この IPA クライアントが使用している automounter の場所" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "IPA ドメインに関する情報を含むオブジェクトに対する検索ベース" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "ID 範囲に関する情報を含むオブジェクトに対する検索ベース" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "DNS サイトの有効化 - 位置にサービス探索" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 #, fuzzy msgid "Search base for Desktop Profile related objects" msgstr "HBAC 関連オブジェクトの検索ベース" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 #, fuzzy msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "IPA サーバーに対する SELinux マップの検索の間の秒単位の合計時間" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 #, fuzzy msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "IPA サーバーに対する HBAC ルールを検索している間の合計時間" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "Active Directory ドメイン" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "Active Directory サーバーアドレス" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "Active Directory バックアップサーバーのアドレス" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "Active Directory クライアントホスト名" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "アクセス権限を決めるための LDAP フィルター" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Kerberos サーバーのアドレス" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "Kerberos バックアップサーバーのアドレス" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Kerberos レルム" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "認証のタイムアウト" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "kdcinfo ファイルを作成するかどうか" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "クレディンシャルのキャッシュを保存するディレクトリー" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "ユーザーのクレディンシャルキャッシュの位置" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "クレディンシャルを検証するキーテーブルの場所" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "クレディンシャルの検証を有効にする" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "後からオンライン認証するためにオフラインの場合にパスワードを保存します" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "更新可能な TGT の有効期間" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "TGT の有効期間" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "更新を確認する間隔" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "FAST を有効にする" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "FAST に使用するプリンシパルを選択する" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "プリンシパル正規化を有効にする" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "エンタープライズ・プリンシパルの有効化" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "KDC になければ、パスワード変更サービスが実行されているサーバー" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, LDAP サーバーの URI" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, LDAP サーバーの URI" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "デフォルトのベース DN" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "LDAP サーバーにおいて使用中のスキーマ形式, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "デフォルトのバインド DN" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "デフォルトのバインド DN の認証トークンの種類" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "デフォルトのバインド DN の認証トークン" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "接続を試行する時間" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "LDAP 同期操作を試行する時間" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "オフラインの間に再接続を試行する時間" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "レルム名に対して大文字のみを使用する" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "CA 証明書を含むファイル" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "CA 証明書のディレクトリーのパス" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "クライアント証明書を含むファイル" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "クライアントの鍵を含むファイル" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "利用可能な暗号の一覧" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "TLS 証明書の検証を要求する" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "使用する SASL メカニズムを指定する" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "使用する SASL 認可 ID を指定する" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "使用する SASL 認可レルムを指定する" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "LDAP SASL 認可の最小 SSF を指定する" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Kerberos サービスのキーテーブル" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "LDAP 接続に対して Kerberos 認証を使用する" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "LDAP リフェラルにしたがう" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "LDAP 接続の TGT の有効期間" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "エイリアスを参照解決する方法" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "DNS サービス検索のサービス名" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "単一の LDAP 問い合わせにおいて取得するレコード数" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "完全な参照解決を引き起こすために欠けている必要があるメンバーの数" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -952,409 +957,410 @@ msgstr "" "LDAP ライブラリーが SASL バインド中にホスト名を正規化するために逆引きを実行す" "るかどうか" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "entryUSN 属性" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "lastUSN 属性" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "LDAP サーバーを切断する前に接続を保持する時間" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "LDAP ページング制御を無効化する" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "Active Directory 範囲の取得の無効化" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "検索要求を待つ時間" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "列挙の要求を待つ時間" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "列挙の更新間隔" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "キャッシュをクリーンアップする間隔" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "ID 検索に TLS を要求する" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "事前設定済み ID の代わりに objectSID の ID マッピングを使用します" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "ユーザー検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "ユーザー検索の範囲" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "ユーザー検索のフィルター" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "ユーザーのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "ユーザー名の属性" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "UID の属性" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "プライマリー GID の属性" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "GECOS の属性" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "ホームディレクトリの属性" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "シェルの属性" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "objectSID 属性" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "ID マッピングの Active Directory プライマリーグループ属性" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "ユーザープリンシパルの属性(Kerberos 用)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "氏名" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "memberOf 属性" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "変更日時の属性" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "shadowLastChange 属性" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "shadowMin 属性" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "shadowMax 属性" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "shadowWarning 属性" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "shadowInactive 属性" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "shadowExpire 属性" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "shadowFlag 属性" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "認可された PAM サービスを一覧化する属性" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "認可されたサーバーホストを一覧化する属性" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 #, fuzzy msgid "Attribute listing authorized server rhosts" msgstr "認可されたサーバーホストを一覧化する属性" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange 属性" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration 属性" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "サーバー側パスワードポリシーが有効であることを意味する属性" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "AD の accountExpires 属性" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "AD の userAccountControl 属性" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "nsAccountLock 属性" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "NDS の loginDisabled 属性" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "NDS の loginExpirationTime 属性" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "NDS の loginAllowedTimeMap 属性" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "SSH 公開鍵の属性" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "グループ検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "グループのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "グループ名" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "グループのパスワード" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "GID 属性" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "グループメンバー属性" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "グループの変更日時の属性" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +#, fuzzy +msgid "Maximum nesting level SSSD will follow" msgstr "SSSd がしたがう最大入れ子レベル" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "ネットグループ検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "ネットグループのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "ネットグループ名" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "ネットグループメンバーの属性" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "ネットグループの三つ組の属性" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "ネットグループの変更日時の属性" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "サービス検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "サービスのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "サービス名の属性" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "サービスポートの属性" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "サービスプロトコルの属性" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "ID マッピングの下限" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "ID マッピングの上限" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "ID マッピングするとき、各スライスに対する ID の数" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "ID マッピングに対する autorid 互換アルゴリズムを使用します" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "ID マッピングに対するデフォルトドメインの名前" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "ID マッピングに対するデフォルトドメインの SID" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "グループ検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "初期グループの検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "LDAP サーバーから許可される ID の下限の設定" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "LDAP サーバーから許可される ID の上限の設定" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "パスワード失効の評価のポリシー" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "どの属性がアカウントが失効しているかを評価するために使用されるか" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "どのルールがアクセス制御を評価するために使用されるか" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "パスワードの変更が許可される LDAP サーバーの URI" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "パスワードの変更が許可されるバックアップ LDAP サーバーの URI" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "LDAP パスワードの変更サーバーの DNS サービス名" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "パスワード変更後 ldap_user_shadow_last_change 属性を更新するかどうか" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "sudo ルール検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "自動的な完全更新間隔" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "自動的なスマート更新間隔" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "ホスト名、IP アドレスおよびネットワークによるフィルタールールを使用するかどう" "か" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1362,315 +1368,324 @@ msgstr "" "sudo ルールをフィルターするこのマシンのホスト名および/または完全修飾ドメイン" "名" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "sudo ルールをフィルターするこのマシンの IPv4 または IPv6 アドレスまたはネット" "ワーク" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "ホスト属性にネットワークグループを含むルールを含めるかどうか" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "ホスト属性に正規表現を含むルールを含めるかどうか" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "sudo ルールのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "sudo ルール名" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "sudo ルールのコマンドの属性" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "sudo ルールのホストの属性" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "sudo ルールのユーザーの属性" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "sudo ルールのオプションの属性" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "sudo ルールの runasuser の属性" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "sudo ルールの runasgroup の属性" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "sudo ルールの notbefore の属性" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "sudo ルールの notafter の属性" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "sudo ルールの order の属性" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "automounter マップのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "オートマウントのマップ名の属性" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "automounter マップエントリーのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "automounter マップエントリーのキー属性" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "automounter マップエントリーの値属性" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "automonter のマップ検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "許可ユーザーのカンマ区切り一覧" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "禁止ユーザーのカンマ区切り一覧" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "デフォルトのシェル, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "ホームディレクトリーのベース" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "使用する NSS ライブラリーの名前" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "可能ならばキャッシュから正規化されたグループ名を検索するかどうか" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "使用する PAM スタック" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "デーモンとして実行(デフォルト)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "対話的に実行(デーモンではない)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "非標準の設定ファイルの指定" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "バージョン番号を表示して終了する" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "デバッグレベル" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "デバッグのタイムスタンプを追加する" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "タイムスタンプをミリ秒単位で表示する" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "デバッグログのオープンファイルディスクリプター" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "情報プロバイダーのドメイン (必須)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "特権ソケットの所有者またはパーミッションが誤っています。" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "公開ソケットの所有者またはパーミッションが誤っています。" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "サーバーのクレディンシャルメッセージの予期しない形式です。" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "SSSD は root により実行されません。" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "エラーが発生しましたが、説明がありませんでした。" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "エラーの説明を検索中に予期しないエラーが発生しました" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "サーバーのメッセージ: " -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "パスワードが一致しません" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "root によるパスワードのリセットはサポートされません。" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "キャッシュされているクレディンシャルを用いて認証されました" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr "、キャッシュされたパスワードが失効します: " -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "パスワードの期限が切れています。あと %1$d 回ログインできます。" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "あなたのパスワードは %1$d %2$s に期限切れになります。" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "次まで認証が拒否されます: " -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "システムがオフラインです、パスワード変更ができません" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "パスワードの変更に失敗しました。 " -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "新しいパスワード: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "新しいパスワードの再入力: " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "パスワード: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "現在のパスワード: " + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "現在のパスワード: " -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "パスワードの期限が切れました。いますぐパスワードを変更してください。" @@ -2334,38 +2349,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2403,7 +2418,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/nb.po b/po/nb.po index ce70fb987b1..5ca71ab62ef 100644 --- a/po/nb.po +++ b/po/nb.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:46-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Norwegian Bokmål (http://www.transifex.com/projects/p/sssd/" @@ -493,12 +493,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" @@ -542,1114 +542,1126 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "IPA-domene" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "IPA-tjeneradresse" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "Vertsnavn for IPA-klient" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Tjeneradresse for Kerberos" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Kerberos-område" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Tidsavbrudd for autentisering" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "" -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "" -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +msgid "First Factor (Current Password): " +msgstr "" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "" @@ -2282,38 +2294,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2351,7 +2363,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/nl.po b/po/nl.po index 7b300e97808..3c604226b53 100644 --- a/po/nl.po +++ b/po/nl.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:47-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/" @@ -529,14 +529,14 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "Of de DNS ingang van de cliënt automatisch vernieuwd moet worden" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" "De TTL die toegepast moet worden op de DNS ingang van de cliënt na het " "vernieuwen hiervan" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "De adapter wiens IP-adres gebruikt moet worden voor het dynamisch bijwerken " @@ -584,38 +584,43 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +#, fuzzy +msgid "Whether to automatically create private groups for users" +msgstr "Of de DNS ingang van de cliënt automatisch vernieuwd moet worden" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "IPA-domein" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "IPA-serveradres" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "Adres van back-up IPA server" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "IPA-clienthostname" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Of de DNS-gegevens van de client automatisch bijgewerkt moeten worden in " "FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "Zoek basis voor HBAC gerelateerde objecten" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "De tijdsduur tussen het opzoeken van HBAC regels voor de IPA server" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" @@ -623,63 +628,63 @@ msgstr "" "De tijdsduur in seconden tussen zoekopdrachten in de SELinux mappen voor de " "IPA server" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Als dit op false ingesteld is, wordt het host argument gegeven door PAM " "genegeerd" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "De automounter locatie die door deze IPA client wordt gebruikt" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "Zoek in base voor object die info over IPA domein bevat " -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "Zoek in base voor objecten die info over ID bereiken bevat" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "Zet DNS sites aan - locatie gebaseerde service ontdekking" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 #, fuzzy msgid "Search base for Desktop Profile related objects" msgstr "Zoek basis voor HBAC gerelateerde objecten" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 #, fuzzy msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " @@ -688,312 +693,312 @@ msgstr "" "De tijdsduur in seconden tussen zoekopdrachten in de SELinux mappen voor de " "IPA server" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 #, fuzzy msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "De tijdsduur tussen het opzoeken van HBAC regels voor de IPA server" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "Active Directory domein" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "Active Directory server adres" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "Active Directory back-up server adres" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "Active Directory cliënt hostnaam" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "LDAP-filter om toegangsprivileges mee te bepalen" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Kerberos-serveradres" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "Kerberos back-up server adres" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Kerberos-rijk" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Authenticatie timeout" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "Moeten kdcinfo bestanden aangemaakt worden" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "Werkmap waar authenticatiegegevens opgeslagen worden" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Locatie van de authenticatiecache van de gebruiker" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Locatie van de keytab om authenticatiegegevens te valideren" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Schakel authenticatiegegevensvalidatie in" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" "Sla het wachtwoord op indien offline voor later gebruik bij online " "authenticatie" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "Vernieuwbare levensduur van de TGT" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "Levensduur van de TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "Tijd tussen twee checks voor vernieuwing" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "Zet FAST aan" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "Selecteert de hoofdpersoon te gebruiken voor FAST " -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "Zet hoofdpersoon sanctioneren aan" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "Zet enterprise principals aan" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Server waar het wachtwoord wijzigingsservice draait indien niet op de KDC" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, de URI van de LDAP server" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, De URI van de LDAP server" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "De standaard base DN" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Het schema type wat gebruikt wordt op de LDAP server, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "De standaard bind DN" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "Het type authenticatietoken van de standaard bind DN" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "Het authenticatietoken van de standaard bind DN" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Hoe lang pogen te verbinden" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Hoe lang proberen synchroon LDAP te benaderen" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Duur tussen pogingen om de verbinding opnieuw tot stand te brengen tijdens " "offline zijn" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "Gebruik alleen hoofdletters voor gebiedsnamen" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "Bestand dat de bekende CA-certificaten bevat" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Pad naar de CA-certificatenmap" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "Bestand dat het client certificaat bevat" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "Bestand dat de client sleutel bevat" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "Lijst van mogelijke sleutel suites" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Vereis verificatie van het TLS-certificaat" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Geef het SASL-mechanisme op wat gebruikt moet worden" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Geef het SASL-authorisatie-ID op wat gebruikt moet worden" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "Specificeer het te gebruiken sasl autorisatiegebied " -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Specificeer de minimale SSF voor LDAP sasl autorisatie" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Kerberos service keytab" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Gebruik Kerberos authenticatie voor LDAP-connectie" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "Volg LDAP-doorverwijzingen" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "Levensduur van TGT voor LDAP-connectie" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "Hoe moet de alias referentie verwijderd worden" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "Service naam voor DNS service opzoeken" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" "Het aantal records dat opgehaald moet worden met een enkele LDAP bevraging" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Het aantal leden van moet ontbreken om een volledige de-referentie te " "veroorzaken" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1001,391 +1006,392 @@ msgstr "" "Moet de LDAP bibliotheek omgekeerd opzoeken uitvoeren om de hostnaam te " "autoriseren tijdens een SASL binding" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "entryUSN attribuut" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "lastUSN attribuut" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Hoe lang een verbinding met de LDAP server gebouden moet blijven voordat het " "losgekoppeld wordt" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "Het LDAP paging besturingselement uitschakelen" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "Zet Active Directory bereik opvragen uit" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Tijd om te wachten op een zoekopdracht" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "Tijdsduur te wachten voor een opsommingsverzoek" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Tijd om te wachten tussen enumeratie-updates" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "Tijdsduur tussen cache opschoningen" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "Vereis TLS voor het opzoeken van ID's" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "Gebruik ID-mapping van objectSID gebruiken in plaats van pre-set ID's" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "Base DN voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Scope voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Filter voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Objectclass voor gebruikers" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "Username-attribuut" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "UID-attribuut" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "Primair GID-attribuut" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "GECOS-attribuut" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "Gebruikersmap-attribuut" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Shell-attribuut" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "objectSID attribuut" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Active Directory primaire groep attribuut voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "Userprincipal-attribuut (voor Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Volledige naam" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "memberOf-attribuut" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "Modification time-attribuut" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "shadowLastChange attribuut" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "shadowMin attribuut" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "shadowMax attribuut" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "shadowWarning attribuut" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "shadowInactive attribuut" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "shadowExpire attribuut" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "shadowFlag attribuut" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "Attribuut voor tonen van geautoriseerde PAM services" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "Attribuut dat geautoriseerde server hosts toont" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 #, fuzzy msgid "Attribute listing authorized server rhosts" msgstr "Attribuut dat geautoriseerde server hosts toont" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange attribuut" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration attribuut" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "Attribuut welke aangeeft dat wachtwoordtactiek op de server actief is" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "accountExpires attribuut van AD" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "userAccountControl attribuut van AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "nsAccountLock attribuut" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "loginDisabled attribuut van NDS" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "loginExpirationTime attribuut van NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "loginAllowedTimeMap attribuut van NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "SSH publieke sleutel attribuut" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "Basis DN voor groep opzoeken" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "Objectklasse voor groepen" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "Groepsnaam" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "Groep wachtwoord" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "GID attribuut" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "Groep deelnemer attribuut" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "Verandertijd attribuut voor groepen" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +#, fuzzy +msgid "Maximum nesting level SSSD will follow" msgstr "Maximale nest niveau dat SSSd zal volgen" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "Basis DN voor netgroep opzoeken" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "Objectklasse voor netgroepen" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "Netgroep naam" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "Netgroep leden attribuut" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "Netgroep triple attibuut" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "Verandertijd attribuut voor netgroepen" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "Basis DN voor service lookups" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "Objectclass voor services" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "Service naam attribuut" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "Service port attribuut" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "Service protocol attribuut" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "Ondergrens voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "Bovengrens voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "Aantal ID's voor elk segment bij ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Gebruik autorid-compatibel algoritme voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "Naam van het standaard domein voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "SID van het standaard domein voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor groep opzoeken" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor initgroep opzoeken" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Laagste grens instellen voor toegestane id's van de LDAP-server" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Hoogste grens instellen voor toegestane id's van de LDAP-server" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Policy om wacthwoordverloop mee te evalueren" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Welke attributen worden gebruikt voor evaluatie als het account verlopen is" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" "Welke regels moeten gebruikt worden voor de evaluatie van toegangscontrole" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" "URI van een LDAP server waarop wachtwoord veranderingen toegestaan zijn" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI van een back-up LDAP server waar wachtwoord veranderingen toegestaan zijn" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "DNS service naam voor LDAP wachtwoord verander server" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1393,23 +1399,23 @@ msgstr "" "Moet het ldap_user_shadow_last_change attribuut vernieuwd worden na een " "wachtwoordwijziging" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "Basis DN voor sudo regels lookups" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "Automatische volledige ververs periode" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "Automatische slimme ververs periode" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Moeten regels gefilterd worden volgens hostnaam, IP adres en netwerk" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1417,320 +1423,329 @@ msgstr "" "Hostnamen en/of volledig gekwalificeerde domeinnamen van deze machine voor " "het filteren van sudo regels" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "IPv4 of IPv6 adressen of netwerk van deze machine voor het filteren van sudo " "regels" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Moeten regels toegevoegd worden die netgroep bevatten in host attribuut " -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Moeten regels toegevoegd worden die regulaire expressie bevatten in host " "attribuut " -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "Objectklasse voor sudo regels" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "Sudo regelnaam" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "Sudo regel opdracht attribuut" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "Sudo regel host attribuut" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "Sudo regel gebruiker attribuut" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "Sudo regel optie attribuut" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "Sudo regel runasuser attribuut" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "Sudo regel runasgroup attribuut" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "Sudo regel notbefore attribuut" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "Sudo regel notafter attribuut" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "Sudo regel volgorde attribuut" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "Object class voor automounter maps" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "Automounter map naam attribuut" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "Objectklasse voor automounter map ingaven" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "Automounter map sleutel ingave attribuut" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "Automounter map ingavewaarde attribuut" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "Basis DN voor automounter kaart opzoeken" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Kommagescheiden lijst van toegestane gebruikers" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Kommagescheiden lijst van geweigerde gebruikers" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Standaard shell, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Basis voor gebruikersmappen" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "De naam van de NSS-bibliotheek die gebruikt wordt" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "Moet indien mogelijk canonieke groepsnaam in cache opgezocht worden " -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "PAM-stack die gebruikt wordt" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Start in de achtergrond (standaard)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Start interactief (standaard)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Geef een niet-standaard configuratiebestand op" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "Print versie nummer en sluit af" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Debug niveau" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Voeg tijdstempels toe aan debugberichten" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "Toon tijdstempel met microseconden" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "Een geopend bestand voor de debug logs" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "Domein voor de informatie provider (verplicht)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "Socket met privileges heeft verkeerde rechten of eigendom." -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "Publiek socket heeft verkeerde rechten of eigendom." -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "Onverwacht formaat van het inloggegevensbericht van de server." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "SSSD wordt niet door root gestart." -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" "Er is een fout opgetreden, maar er kan geen omschrijving gevonden worden." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "Onverwachtte fout bij het opzoeken van een omschrijving" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Serverbericht:" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Wachtwoorden komen niet overeen" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "Wachtwoorden als root wijzigen wordt niet ondersteund." -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "Geauthenticeerd met gecachte inloggegevens." -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", uw wachtwoord verloopt op:" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" "Je wachtwoord is verlopen. Je hebt nog slechts %1$d login(s) beschikbaar." -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Je wachtwoord zal verlopen in %1$d %2$s." -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "Inloggen wordt geweigerd tot:" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "Systeem is offline, wachtwoord wijzigen niet mogelijk" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Wijzigen van wachtwoord mislukt." -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Nieuw Wachtwoord: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Voer nieuw wachtwoord nogmaals in: " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Wachtwoord: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Huidig wachtwoord:" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Huidig wachtwoord:" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "Wachtwoord verlopen. Verander nu uw wachtwoord." @@ -2399,38 +2414,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2468,7 +2483,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/pl.po b/po/pl.po index 2a5b0d7c931..9539dd81231 100644 --- a/po/pl.po +++ b/po/pl.po @@ -12,7 +12,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2017-07-27 08:24-0400\n" "Last-Translator: Piotr Drąg \n" "Language-Team: Polish (http://www.transifex.com/projects/p/sssd/language/" @@ -545,12 +545,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "Czy automatycznie aktualizować wpis DNS klienta" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "TTL do zastosowania do wpisu DNS klienta po jego zaktualizowaniu" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "Interfejs, którego adres IP powinien być używany do dynamicznych " @@ -600,155 +600,160 @@ msgstr "" "Jak długo dane uwierzytelniania w pamięci podręcznej mogą być używane do " "uwierzytelniania w pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +#, fuzzy +msgid "Whether to automatically create private groups for users" +msgstr "Czy automatycznie aktualizować wpis DNS klienta" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "Domena IPA" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "Adres serwera IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "Adres zapasowego serwera IPA" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "Nazwa komputera klienta IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Czy automatycznie aktualizować wpis DNS klienta w oprogramowaniu FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "Podstawa wyszukiwania pod kątem obiektów związanych z HBAC" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "Czas między wyszukiwaniami reguł HBAC w serwerze IPA" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "Czas w sekundach między wyszukiwaniami map SELinuksa w serwerze IPA" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Jeśli ustawiono na fałsz, to parametr komputera podany przez PAM zostanie " "zignorowany" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "Położenie automountera, którego używa ten klient IPA" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" "Podstawa wyszukiwania dla obiektów zawierających informacje o domenie IPA" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" "Podstawa wyszukiwania dla obiektów zawierających informacje o zakresach " "identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "Włącza witryny DNS — wykrywanie usług na podstawie położenia" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "Podstawa wyszukiwania dla widoku kontenerów" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "Klasa obiektu dla widoku kontenerów" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "Atrybut z nazwą widoku" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "Klasa obiektu dla obiektów zastępowania" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "Atrybut z odniesieniem do pierwotnego obiektu" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "Klasa obiektu dla obiektów zastępowania użytkownika" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "Klasa obiektów dla obiektów zastępowania grup" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 #, fuzzy msgid "Search base for Desktop Profile related objects" msgstr "Podstawa wyszukiwania pod kątem obiektów związanych z HBAC" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 #, fuzzy msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "Czas w sekundach między wyszukiwaniami map SELinuksa w serwerze IPA" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 #, fuzzy msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "Czas między wyszukiwaniami reguł HBAC w serwerze IPA" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "Domena Active Directory" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "Włączone domeny Active Directory" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "Adres serwera Active Directory" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "Adres zapasowego serwera Active Directory" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "Nazwa komputera klienta Active Directory" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "Filtr LDAP do określenia uprawnień dostępu" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "Czy używać Global Catalog do wyszukiwań" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "Tryb działania dla kontroli dostępu opartej na GPO" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "Czas między wyszukiwaniami plików polityki GPO w serwerze AD" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" @@ -756,7 +761,7 @@ msgstr "" "Nazwy usług PAM mapujących do ustawień polityki GPO " "(Deny)InteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" @@ -764,260 +769,261 @@ msgstr "" "Nazwy usług PAM mapujących do ustawień polityki GPO " "(Deny)RemoteInteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" "Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)NetworkLogonRight" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" "Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)BatchLogonRight" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" "Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)ServiceLogonRight" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" "Nazwy usług PAM, dla których zawsze udzielany jest dostęp oparty na GPO" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" "Nazwy usług PAM, dla których zawsze odmawiany jest dostęp oparty na GPO" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" "Domyślne uprawnienie logowania (lub zezwolenie/odmowa) do użycia dla " "niemapowanych nazw usług PAM" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "konkretna strona używana przez klienta" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" "Maksymalny wiek w dniach przed wymaganiem odnowienia hasła konta komputera" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 #, fuzzy msgid "Option for tuning the machine account renewal task" msgstr "Opcja dostrajania zadania odnawiania konta komputera" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Adres serwera Kerberos" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "Adres zapasowego serwera Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Obszar Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Czas oczekiwania na uwierzytelnienie" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "Określa, czy tworzyć pliki kdcinfo" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "Gdzie umieścić wstawki konfiguracji krb5" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "" "Katalog do przechowywania pamięci podręcznych danych uwierzytelniających" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Położenie pamięci podręcznej danych uwierzytelniających użytkownika" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Położenie tablicy kluczy do sprawdzania danych uwierzytelniających" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Włącza sprawdzanie danych uwierzytelniających" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" "Przechowuje hasło, jeśli w trybie offline do późniejszego uwierzytelnienia " "w trybie online" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "Odnawialny czas trwania TGT" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "Czas trwania TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "Czas między dwoma sprawdzaniami odnowy" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "Włącza FAST" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "Wybiera naczelnika do użycia dla FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "Włącza ujednolicanie naczelnika" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "Włącza naczelników enterprise" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +#, fuzzy +msgid "A mapping from user names to Kerberos principal names" msgstr "Mapa nazw użytkowników do nazw naczelników Kerberos" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Serwer, w którym jest uruchomiona usługa zmiany haseł, jeśli nie znajduje " "się w KDC" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, adres URI serwera LDAP" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, adres URI serwera LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "Domyślna podstawowa DN" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Typ Schema do użycia na serwerze LDAP, RFC2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "Domyślne DN dowiązania" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "Typ tokenu uwierzytelniania domyślnego DN dowiązania" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "Token uwierzytelniania domyślnego DN dowiązania" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Czas do próby połączenia" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Czas do próby synchronicznych działań LDAP" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "Czas między próbami ponownego połączenia w trybie offline" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "Użycie tylko wielkich znaków w nazwach obszarów" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "Plik zawierający certyfikaty CA" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Ścieżka do katalogu certyfikatów CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "Plik zawierający certyfikat klienta" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "Plik zawierający klucz klienta" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "Lista możliwych zestawów szyfrów" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Wymaga sprawdzenia certyfikatu TLS" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Podaje używany mechanizm SASL" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Podaje używany identyfikator upoważnienia SASL" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "Podaje obszar upoważnienia SASL do użycia" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Podaje minimalne SSF dla upoważnienia sasl LDAP" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Tablica kluczy usługi Kerberos" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Używa uwierzytelniania Kerberos dla połączenia LDAP" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "Podąża za odsyłaniami LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "Czas trwania TGT dla połączenia LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "Jak wskazywać aliasy" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "Nazwa usługi do wyszukiwań usługi DNS" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "Liczba wpisów do pobrania w jednym zapytaniu LDAP" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "Suma liczb, których musi brakować, aby wywołać pełne „deref”" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1025,390 +1031,391 @@ msgstr "" "Określa, czy biblioteka LDAP powinna wykonywać odwrotne wyszukanie, aby " "ujednolicić nazwę komputera podczas dowiązania SASL" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "Atrybut entryUSN" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "Atrybut lastUSN" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "Jak długo utrzymywać połączenie z serwerem LDAP przed rozłączeniem" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "Wyłącza kontrolę stronicowania LDAP" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "Wyłącza pobieranie zakresu Active Directory" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Czas oczekiwania na żądanie wyszukiwania" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "Czas oczekiwania na żądanie wyliczenia" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Czas między aktualizacjami wyliczania" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "Czas między czyszczeniem pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "Wymaga TLS dla wyszukiwania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Używa mapowania identyfikatorów objectSID zamiast uprzednio ustawionych " "identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "Podstawowe DN dla wyszukiwania użytkowników" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Zakres wyszukiwania użytkowników" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Filtruje wyszukiwania użytkowników" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Klasa obiektów dla użytkowników" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "Atrybut nazwy użytkownika" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "Atrybut UID" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "Pierwszy atrybut GID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "Atrybut GECOS" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "Atrybut katalogu domowego" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Atrybut powłoki" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "Atrybut UUID" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "Atrybut objectSID" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Atrybut głównej grupy Active Directory dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "Atrybut głównego użytkownika (dla Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Imię i nazwisko" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "Atrybut memberOf" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "Atrybut czasu modyfikacji" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "Atrybut shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "Atrybut shadowMin" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "Atrybut shadowMax" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "Atrybut shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "Atrybut shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "Atrybut shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "Atrybut shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "Atrybut zawierający listę upoważnionych usług PAM" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "Atrybut zawierający listę upoważnionych komputerów serwerowych" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 #, fuzzy msgid "Attribute listing authorized server rhosts" msgstr "Atrybut zawierający listę upoważnionych komputerów serwerowych" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "Atrybut krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "Atrybut krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "Atrybut wskazujący, czy polityki haseł po stronie serwera są aktywne" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "Atrybut accountExpires AD" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "Atrybut userAccountControl AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "Atrybut nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "Atrybut loginDisabled NDS" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "Atrybut loginExpirationTime NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "Atrybut loginAllowedTimeMap NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "Atrybut klucza publicznego SSH" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" "atrybut zawierający listę dozwolonych typów uwierzytelniania dla użytkownika" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "atrybut zawierający certyfikat X509 użytkownika" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "atrybut zawierający adres e-mail użytkownika" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "Lista dodatkowych atrybutów do pobrania razem z wpisem użytkownika" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "Podstawowe DN dla wyszukiwania grup" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "Klasa obiektów dla grup" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "Nazwa grupy" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "Hasło grupy" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "Atrybut GID" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "Atrybut elementu grupy" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "Atrybut UUID grupy" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "Atrybut czasu modyfikacji grup" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "Typ grupy i inne flagi" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "Atrybut zewnętrznego członka grupy LDAP" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +#, fuzzy +msgid "Maximum nesting level SSSD will follow" msgstr "Maksymalny poziom zagnieżdżenia, jaki usługa SSSD będzie używała" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "Podstawowe DN dla wyszukiwania grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "Klasa obiektów dla grup sieciowych" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "Nazwa grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "Atrybut elementów grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "Potrójny atrybut grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "Atrybut czasu modyfikacji grup sieciowych" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "Podstawowe DN do wyszukiwania usług" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "Klasa obiektów dla usług" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "Atrybut nazwy usługi" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "Atrybut portu usługi" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "Atrybut protokołu usługi" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "Niższa granica dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "Wyższa granica dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" "Liczba identyfikatorów dla każdego fragmentu podczas mapowania " "identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Używa algorytmu zgodnego z autorid do mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "Nazwa domyślnej domeny dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "SID domyślnej domeny dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "Liczba drugorzędnych fragmentów" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup inicjacyjnych" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "Czy używać Token-Groups" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Ustawia dolną granicę dla dozwolonych identyfikatorów z serwera LDAP" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Ustawia górną granicę dla dozwolonych identyfikatorów z serwera LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "DN dla zapytań polityki" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "Ile maksymalnie wpisów pobierać podczas żądania z wieloznacznikiem" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Polityka do oszacowania wygaszenia hasła" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "Które atrybuty powinny być używane do sprawdzenia, czy konto wygasło" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "Które reguły powinny być używane do sprawdzania kontroli dostępu" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "Adres URI serwera LDAP, gdzie zmiany hasła są dozwolone" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "Adres URI zapasowego serwera LDAP, gdzie zmiany hasła są dozwolone" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "Nazwa usługi DNS serwera zmiany hasła LDAP" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1416,24 +1423,24 @@ msgstr "" "Określa, czy zaktualizować atrybut ldap_user_shadow_last_change po zmianie " "hasła" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "Podstawowe DN dla wyszukiwań reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "Okres między automatycznymi pełnymi odświeżeniami" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "Okres między automatycznymi inteligentnymi odświeżeniami" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Określa, czy filtrować reguły według nazwy komputera, adresów IP i sieci" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1441,282 +1448,286 @@ msgstr "" "Nazwy komputerów lub w pełni kwalifikowane nazwy domen tego komputera do " "filtrowania reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Adresy lub sieci IPv4 lub IPv6 tego komputera do filtrowania reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Określa, czy zawierać reguły zawierające grupy sieciowe w atrybucie komputera" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Określa, czy zawierać reguły zawierające wyrażenia regularne w atrybucie " "komputera" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "Klasa obiektów dla reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "Nazwa reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "Atrybut polecenia reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "Atrybut komputera reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "Atrybut użytkownika reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "Atrybut opcji reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "Atrybut runas reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "Atrybut runasuser reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "Atrybut runasgroup reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "Atrybut notbefore reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "Atrybut notafter reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "Atrybut kolejności reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "Klasa obiektów dla map automountera" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "Atrybut nazwy mapy automountera" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "Klasa obiektów dla wpisów map automountera" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "Atrybut klucza wpisu mapy automountera" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "Atrybut wartości wpisu mapy automountera" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "Podstawowe DN dla wyszukiwań map automountera" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Lista dozwolonych użytkowników oddzielonych przecinkami" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Lista zabronionych użytkowników oddzielonych przecinkami" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Domyślna powłoka, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Podstawa katalogów domowych" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "Liczba elementów potomnych pośrednika przed rozwidleniem." -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "Nazwa używanej biblioteki NSS" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Określa, czy wyszukiwać kanoniczną nazwę grupy w pamięci podręcznej, jeśli " "to możliwe" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "Używany stos PAM" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Uruchamia jako usługa (domyślnie)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Uruchamia interaktywnie (nie jako usługa)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "Wyłącza interfejs netlink" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Podaje niedomyślny plik konfiguracji" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "Odświeża bazę danych konfiguracji, a następnie kończy działanie" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "Wyświetla numer wersji i kończy działanie" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "Usługa SSSD jest już uruchomiona\n" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Poziom debugowania" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Dodaje czasy debugowania" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "Wyświetlanie dat z mikrosekundami" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "Otwiera deskryptor pliku dla dzienników debugowania" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" "Wysyła wyjście debugowania bezpośrednio do standardowego wyjścia błędów." -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "Użytkownik, jako który utworzyć ccache FAST" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "Grupa, jako którą utworzyć ccache FAST" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "Używany obszar Kerberosa" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "Żądany czas trwania biletu" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "Żądany odnawialny czas trwania biletu" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "Opcje FAST („never”, „try”, „demand”)" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "Podaje naczelnika serwera używanego dla FAST" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "Żąda ujednolicenie nazwy naczelnika" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "Domena dostawcy informacji (wymagane)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "Uprawnione gniazdo ma błędnego właściciela lub uprawnienia." -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "Publiczne gniazdo ma błędnego właściciela lub uprawnienia" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "Nieoczekiwany format komunikatu uwierzytelniającego serwera." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "SSSD nie zostało uruchomione w trybie roota." -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "Wystąpił błąd, ale nie odnaleziono jego opisu." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "Nieoczekiwany błąd podczas wyszukiwania opisu błędu" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "Odmowa uprawnienia." -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Komunikat serwera: " -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Hasła się nie zgadzają" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "Przywrócenie hasła przez użytkownika root nie jest obsługiwane." -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "Uwierzytelniono za pomocą danych z pamięci podręcznej" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", hasło w pamięci podręcznej wygaśnie za: " -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "Hasło wygasło. Pozostało %1$d możliwych logowań." -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Hasło wygaśnie za %1$d %2$s." -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "Uwierzytelnianie jest zabronione do: " -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "System jest w trybie offline, zmiana hasła nie jest możliwa" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1724,39 +1735,44 @@ msgstr "" "Po zmianie hasła OTP należy się wylogować i zalogować ponownie, aby uzyskać " "bilet" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Zmiana hasła się nie powiodła. " -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Nowe hasło: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Proszę ponownie podać nowe hasło: " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "Pierwszy czynnik: " -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "Drugi czynnik (opcjonalnie): " -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "Drugi czynnik: " -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Hasło: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Bieżące hasło: " + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Bieżące hasło: " -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "Hasło wygasło. Proszę je zmienić teraz." @@ -2429,38 +2445,38 @@ msgstr "Czas wygaśnięcia wpisu pamięci podręcznej" msgid "Cached in InfoPipe" msgstr "Umieszczono w pamięci podręcznej w InfoPipe" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "Błąd: nie można uzyskać obiektu [%d]: %s\n" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "%s: nie można odczytać wartości [%d]: %s\n" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "Należy podać nazwę." -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "Nie można przetworzyć nazwy %s.\n" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "Wyszukuje według SID" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "Wyszukuje według identyfikatorów użytkowników" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "Czas wygaśnięcia grup inicjacji" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "Wyszukuje według identyfikatorów grup" @@ -2502,7 +2518,8 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "Nie można utworzyć katalogu kopii zapasowej [%d]: %s" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +#, fuzzy +msgid "SSSD backup of local data already exists, override?" msgstr "Kopia zapasowa SSSD lokalnych danych już istnieje, zastąpić?" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/pt.po b/po/pt.po index a52752ad532..c5f36920924 100644 --- a/po/pt.po +++ b/po/pt.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:47-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/" @@ -501,12 +501,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" @@ -550,1116 +550,1129 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "Domínio IPA" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "Endereço do servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "Nome da máquina do cliente IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Endereço do servidor Kerberos" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Reino Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Tempo de expiração da autenticação" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "Directório para armazenar as caches de credenciais" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Localização da cache de credenciais dos utilizadores" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Localização da tabela de chaves (keytab) para validar credenciais" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Activar validação de credenciais" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Servidor onde está em execução o serviço de alteração de senha, se não " "coincide com o KDC" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, O URI do servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "A base DN por omissão" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "O tipo de Schema em utilização no servidor LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "O DN por omissão para a ligação" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "O tipo de token de autenticação do bind DN por omissão" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "O token de autenticação do bind DN por omissão" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Período de tempo para tentar ligação" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Tempo de espera para tentar operações LDAP síncronas" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "Tempo de espera entre tentativas para re-conectar quando desligado" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "Ficheiro que contêm os certificados CA" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Caminho para o directório do certificado CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Obriga a verificação de certificados TLS" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Especificar mecanismo sasl a utilizar" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Especifique o id sasl para utilizar na autorização" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Separador chave do serviço Kerberos" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Utilizar autenticação Kerberos para ligações LDAP" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "Seguir os referrals LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Tempo de espera por um pedido de pesquisa" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Período de tempo entre enumeração de actualizações" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "Requer TLS para consultas de ID" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "DN base para pesquisa de utilizadores" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Âmbito das pesquisas do utilizador" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Filtro para as pesquisas do utilizador" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Objectclass para utilizadores" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "Atributo do nome do utilizador" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "Atributo UID" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "Atributo GID primário" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "Atributo GECOS" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "Atributo da pasta pessoal" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Atributo da Shell" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "Atributo principal do utilizador (para Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Nome Completo" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "Atributo memberOf" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "Atributo da alteração da data" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Politica para avaliar a expiração da senha" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Lista de utilizadores autorizados separados por vírgulas" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Lista de utilizadores não autorizados separados por vírgulas" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Shell pré-definida, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Directório base para as pastas pessoais" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "O nome da biblioteca NSS a utilizar" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "Stack PAM a utilizar" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Tornar-se num serviço (omissão)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Executar interactivamente (não como serviço)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Especificar um ficheiro de configuração não standard" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Nível de depuração" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Adicionar tempos na depuração" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "Um descritor de ficheiro aberto para os registos de depuração" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "Domínio do fornecedor de informação (obrigatório)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Mensagem do Servidor: " -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Senhas não coincidem" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", a sua senha guardada em cache irá expirar em: " -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "O sistema está offline, a mudança de senha não é possível" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Alteração da senha falhou." -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Nova Senha: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Digite a senha novamente: " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Senha: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Senha actual: " + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Senha actual: " -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "A senha expirou. Altere a sua senha agora." @@ -2310,38 +2323,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2379,7 +2392,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/pt_BR.po b/po/pt_BR.po index 7e76dd923a4..1b6ad00df9c 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -3,7 +3,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2015-10-27 08:15-0400\n" "Last-Translator: Marco Aurélio Krause \n" "Language-Team: Portuguese (Brazil)\n" @@ -486,12 +486,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" @@ -535,1114 +535,1126 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "IPA domain" +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" msgstr "" #: src/config/SSSDConfig/__init__.py.in:201 -msgid "IPA server address" +msgid "IPA domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:202 -msgid "Address of backup IPA server" +msgid "IPA server address" msgstr "" #: src/config/SSSDConfig/__init__.py.in:203 -msgid "IPA client hostname" +msgid "Address of backup IPA server" msgstr "" #: src/config/SSSDConfig/__init__.py.in:204 +msgid "IPA client hostname" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "" -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "" -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +msgid "First Factor (Current Password): " +msgstr "" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "" @@ -2275,38 +2287,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2344,7 +2356,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/ru.po b/po/ru.po index 795c8601562..59b4105655e 100644 --- a/po/ru.po +++ b/po/ru.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2016-02-23 10:04-0500\n" "Last-Translator: Oleksii Levan \n" "Language-Team: Russian (http://www.transifex.com/projects/p/sssd/language/" @@ -519,12 +519,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "Интерфейс, адрес которого будет использован для обновления DNS" @@ -568,1119 +568,1133 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +#, fuzzy +msgid "Whether to automatically create private groups for users" +msgstr "Если требуется автоматическое обновление записи в" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "IPA-домен" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "адрес сервера IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "имя узла клиента IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "Если требуется автоматическое обновление записи в" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "Фильтр LDAP для определения прав доступа" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Имя сервера Kerberos" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Область действия Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Тайм-аут проверки подлинности" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "Каталог для хранения кэшей учётных данных" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Расположения кэша учётных данных пользователей" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Расположение keytab-файла для проверки учётных данных" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Включить проверку учётных данных" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" "При отсутствии соединения сохранить пароль и пройти аутентификацию позже" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "Сервер, на котором запущена служба смены пароля (если не на KDC)" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, URI сервера LDAP " -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "Base DN по умолчанию" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Тип схемы, используемой на LDAP-сервере, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "Bind DN по умолчанию" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "Тип маркера проверки подлинности для bind DN по умолчанию" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "Маркер проверки подлинности для bind DN по умолчанию" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Временной интервал для попытки соединения" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Временной интервал для попытки синхронизации операций LDAP" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Временной интервал между попытками возобновления соединения в автономного " "режиме" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "Файл содержащий сертификаты CA" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Путь к каталогу с сертификатами CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Требуется проверка сертификата TLS" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Укажите механизм sasl" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Укажите идентификатор авторизации sasl" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Keytab-файл службы Kerberos" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Использовать проверку подлинности Kerberos для LDAP-соединения" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "Следовать ссылкам LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "Время жизни TGT для LDAP-соединений" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Временной интервал, в течение которого ожидать поискового запроса" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Временной интервал между обновлениями перечисления" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "Требовать TLS для запросов ID" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "Base DN для поиска" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Глубина поиска" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Фильтр поиска" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Objectclass для пользователей" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "Атрибут «username»" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "Атрибут «UID»" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "Атрибут «primary GID»" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "Атрибут «GECOS»" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "Атрибут домашнего каталога" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Атрибут оболочки" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "Атрибут участника-пользователя (для Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Полное имя" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "Атрибут memberOf" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "Атрибут времени изменения" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Политика вычисления окончания срока действия пароля" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Разделённый запятыми список разрешённых пользователей" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Разделённый запятыми список запрещённых пользователей" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Оболочка по умолчанию, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Место для домашних каталогов" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "Имя используемой библиотеки NSS" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "Используемый стек PAM" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Запускаться в качестве службы (по умолчанию)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Запускаться интерактивно (не службой)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Указать файл конфигурации" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Уровень отладки" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Добавить отладочные отметки времени" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "Открытый дескриптор файла для журналов отладки" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "Домен поставщика информации (обязательный)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" "Для привилегированного сокета установлен неверный владелец или права доступа." -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" "Для общедоступного сокета установлен неверный владелец или права доступа." -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Сообщение сервера:" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Пароли не совпадают" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", срок действия вашего кэшированного пароль истечёт:" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "Система находится в автономном режиме, невозможно сменить пароль" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Не удалось сменить пароль." -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Новый пароль:" -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Введите новый пароль ещё раз:" -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Пароль:" -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Текущий пароль:" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Текущий пароль:" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "Срок действия пароля истёк. Необходимо сейчас изменить ваш пароль." @@ -2328,38 +2342,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2397,7 +2411,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/sssd.pot b/po/sssd.pot index 0e6ae4cd809..473bb8d57d5 100644 --- a/po/sssd.pot +++ b/po/sssd.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -489,12 +489,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" @@ -538,1114 +538,1126 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "IPA domain" +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" msgstr "" #: src/config/SSSDConfig/__init__.py.in:201 -msgid "IPA server address" +msgid "IPA domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:202 -msgid "Address of backup IPA server" +msgid "IPA server address" msgstr "" #: src/config/SSSDConfig/__init__.py.in:203 -msgid "IPA client hostname" +msgid "Address of backup IPA server" msgstr "" #: src/config/SSSDConfig/__init__.py.in:204 +msgid "IPA client hostname" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "" -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "" -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +msgid "First Factor (Current Password): " +msgstr "" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "" @@ -2278,38 +2290,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2347,7 +2359,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/sv.po b/po/sv.po index 24e4a514e93..04ba951a12a 100644 --- a/po/sv.po +++ b/po/sv.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:48-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Swedish (http://www.transifex.com/projects/p/sssd/language/" @@ -508,12 +508,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "Huruvida klienternas DNS-poster uppdateras automatiskt" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "TTL:en att använda för klientens DNS-post efter att ha uppdaterat den" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "Gränssnittet var IP skall användas för dynamiska DNS-uppdateringar" @@ -559,97 +559,102 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +#, fuzzy +msgid "Whether to automatically create private groups for users" +msgstr "Huruvida klienternas DNS-poster uppdateras automatiskt" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "IPA-domän" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "IPA-serveradress" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "Adress till reserv-IPA-server" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "IPA-klienvärdnamn" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "Om klientens DNS-post i FreeIPA automatiskt skall uppdateras" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "Sökbas för HBAC-relaterade objekt" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "Tidsåtgången mellan uppslagningar av HBAC-reglerna mot IPA-servern" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" "Tiden i sekunder mellan uppslagningar av SELinux-mappningar mot IPA-servern" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "Om satt till falskt kommer värdargument givna av PAM ignoreras" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "Platsen för automatmonteraren denna IPA-klient använder" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "Sökbas för objekt som innehåller information om IPA-domänen" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "Sökbas för objekt som innehåller information om ID-intervall" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "Aktivera DNS-sajter - platsbaserad detektering av tjänster" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 #, fuzzy msgid "Search base for Desktop Profile related objects" msgstr "Sökbas för HBAC-relaterade objekt" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 #, fuzzy msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " @@ -657,305 +662,305 @@ msgid "" msgstr "" "Tiden i sekunder mellan uppslagningar av SELinux-mappningar mot IPA-servern" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 #, fuzzy msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "Tidsåtgången mellan uppslagningar av HBAC-reglerna mot IPA-servern" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "Active Directory-domän" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "Adress till Active Directory-server" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "Adress till Active Directory-reservserver" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "Active Directory-klienvärdnamn" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "LDAP-filter för att bestämma åtkomstprivilegier" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "Huruvida den globala katalogen skall användas för uppslagningar" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "Arbetsläge för GPO-baserad åtkomstkontrol" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Adress till server för Kerberos" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "Adress till reservserver för Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Kerberosrike" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Autentiseringstidsgräns" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "Huruvida kdcinfo-filer skall skapas" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "Katalog att lagra kreditiv-cachar i" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Plats för användarens kreditiv-cache" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Plats för nyckeltabellen för att validera kreditiv" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Aktivera validering av kreditiv" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "Lagra lösenord när ej ansluten för ansluten autentisering senare" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "Förnybar livstid för TGT:n" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "Livstid för TGT:n" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "Tid mellan två kontroller av förnyelse" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "Aktiverar FAST" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "Väljer huvudman att använda för FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "Aktivera kanonsisk form av huvudman" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "Aktiverar företagshuvudmän" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "Server där ändringstjänsten för lösenord kör om inte på KDC:n" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, URI:n för LDAP-servern" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, URI:n för LDAP-servern" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "Standard bas-DN" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Schematypen som används i LDAP-servern, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "Standard bindnings-DN" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "Typen på autenticerings-token för standard bindnings-DN" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "Autenticerings-token för standard bindnings-DN" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Tidslängd att försöka ansluta" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Tidslängd att försök synkrona LDAP-operationer" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "Tidslängd mellan försök att återansluta vid frånkoppling" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "Använd endast versaler för namn på riken" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "Fil som innehåller CA-certifikat" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Sökväg till katalogen med CA-certifikat" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "Fil som innehåller klientcertifikatet" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "Fil som innehåller klientnyckeln" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "Lista över möjliga chiffersviter" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Kräv TLS-certifikatverifiering" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Ange sasl-mekanismen att använda" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Ange sasl-auktorisering-id att använda" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "Ange sasl-auktoriseringsrike att använda" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Ange minsta SSF för LDAP-sasl-auktorisering" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Kerberostjänstens nyckeltabell" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Avnänd Kerberosautenticering för LDAP-anslutning" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "Följer LDAP-hänvisningar" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "Livslängd på TGT för LDAP-anslutning" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "Hur alias skall derefereras" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "Tjänstenamn för uppslagning av DNS-tjänster" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "Antalet poster som skall hämtas i en enda LDAP-fråga" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Antalet medlemmar som måste saknas för att orsaka en fullständig dereferering" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -963,386 +968,387 @@ msgstr "" "Huruvida LDAP-biblioteket skall utföra en omvänd uppslagning för att ta fram " "värdnamnets kanoniska form under en SASL-bindning" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "entryUSN-attribut" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "lastUSN-attribut" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Hur länge en anslutning till LDAP-servern skall behållas före den kopplas ner" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "Avaktivera flödesstyrningen (paging) av LDAP" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "Avaktivera Active Directorys intervallhämtande" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Tidslängd att vänta på en sökbegäran" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "Tidslängd att vänta på en uppräkningsbegäran" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Tidslängd mellan uppräkningsuppdateringar" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "Tidslängd mellan cache-tömningar" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "Kräv TLS för ID-uppslagningar" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "Använd ID-översättning av objectSID istället för pre-set ID:n" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "Bas-DN för användaruppslagningar" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Omfång av användaruppslagningar" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Filter för användaruppslagningar" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Objektklass för användare" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "Användarnamnsattribut" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "UID-attribut" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "Primärt GID-attribut" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "GECOS-attribut" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "Hemkatalogattribut" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Skalattribut" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "objectSID-attribut" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Primärt gruppattribut i Active Directory för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "Användarens huvudmansattribut (för Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Fullständigt namn" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "medlemAv-attribut" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "Modifieringstidsattribut" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "attributet shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "shadowMin-attribut" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "shadowMax-attribut" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "shadowWarning-attribut" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "shadowInactive-attribut" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "shadowExpire-attribut" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "shadowFlag-attribut" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "Attribut för listning av auktoriserade PAM-tjänster" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "Attribut för listning av auktoriserade servervärdar" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 #, fuzzy msgid "Attribute listing authorized server rhosts" msgstr "Attribut för listning av auktoriserade servervärdar" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "attributet krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration-attribut" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "Attribut som indikerar att serversidans lösenordspolicyer är aktiva" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "AD:s attribut accountExpires" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "AD:s attribut userAccountControl" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "attributet nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "NDS attribut loginDisabled" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "NDS attribut loginExpirationTime" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "NDS attribut loginAllowedTimeMap" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "Attribut för publik SSH-nyckel" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "En lista över extra attribut att hämta tillsammans med användarposten" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "Bas-DN för gruppuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "Objektklass för grupper" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "Gruppnamn" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "Grupplösenord" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "GID-attribut" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "Gruppmedlemsattribut" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "Modifieringstidsattribut för grupper" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "Typen av grupp och andra flaggor" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +#, fuzzy +msgid "Maximum nesting level SSSD will follow" msgstr "Maximal nästningsnivå SSSd kommer följa" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "Bas-DN för nätgruppuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "Objektklass för nätgrupper" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "Nätgruppnamn" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "Attribut på nätgruppmedlemmar" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "Attribut på nätgruppstripplar" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "Modifieringstidsattribut för nätgrupper" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "Bas-DN för tjänsteuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "Objektklass för tjänster" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "Tjänstenamnsattribut" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "Tjänsteportsattribut" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "Tjänsteprotokollsattribut" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "Undre gräns för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "Övre gräns för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "Antal ID:n till varje skiva vid ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Använd en autorid-kompatibel algoritm för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "Standarddomänens namn för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "Standarddomänens SID för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för gruppuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för init-gruppuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "Huruvida Token-Groups skall användas" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Sätt undre gräns för tillåtna ID:n från LDAP-servern" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Sätt övre gräns för tillåtna ID:n från LDAP-servern" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Policy för att utvärdera utgång av lösenord" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "Vilka attribut skall användas för att avgöra om ett konto gått ut" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "Vilka regler skall användas för att avgöra åtkomstkontroll" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI till en LDAP-server där lösenordsändringar är tillåtna" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "URI till en reserv-LDAP-server där lösenordsändringar är tillåtna" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "DNS-tjänstenamn för LDAP-lösenordsändringsservern" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1350,24 +1356,24 @@ msgstr "" "Huruvida attributet ldap_user_shadow_last_change skall uppdateras efter en " "ändring av lösenord" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "Bas-DN för regeluppslagningar" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "Intervall mellan automatisk fullständig omläsning" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "Intervall mellan automatisk smart omläsning" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Huruvida regler skall filtreras efter värdnamn, IP-adresser och nätverk" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1375,280 +1381,284 @@ msgstr "" "Värdnamn och/eller fullständigt kvalificerade domännamn på denna maskin för " "att filtrera sudo-regler" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "IPv4- eller IPv6-adresser eller -nätverk för denna maskin för att filtrera " "sudo-regler" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Huruvida regler som innehåller nätgrupper i värdattribut skall inkluderas" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Huruvida regler som innehåller reguljära uttryck i värdattribut skall " "inkluderas" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "Objektklass för sudo-regler" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "Sudo-regelnamn" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "Attribut för sudo-regelkommandon" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "Attribut för sudo-regelvärd" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "Attribut för sudo-regelanvändare" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "Attribut för sudo-regelflaggor" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "Attribut för sudo-runasuser" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "Attribut på runasgroup i sudo-regel" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "Attribut för sudo-notbefore-regler" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "Attribut för sudo-notafter-regler" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "Attribut för sudo-order-regler" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "Objektklass för automatmonteraravbildningar" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "Attribut för automatmonteraravbildningsnamn" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "Objektklass för poster i automatmonteraravbildningar" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "Attribut för postnycklar i automatmonteraravbildningar" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "Attribut på postvärde i avbildning för automatmonteraren" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "Bas-DN för uppslagningar i automatmonteraravbildningar" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Kommaseparerad lista över tillåtna användare" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Kommaseparerad lista över förbjudna användare" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Standardskal, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Bas för hemkataloger" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "Namnet på NSS-biblioteket att använda" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "Huruvida kanoniska gruppnamn skall slås upp från cachen om möjligt" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "PAM-stack att använda" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Bli en demon (standard)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Kör interaktivt (inte en demon)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Ange en konfigurationsfil annan än standard" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "Skriv ut versionsnumret och avsluta" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Felsökningsnivå" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Lägg till felsökningstidstämplar" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "Visa tidsstämplar med mikrosekunder" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "Ett öppet filhandtag för felsökningsloggarna" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "Domän för informationsleverantören (obligatoriskt)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "Priviligierat uttag (socket) har fel ägarskap eller rättigheter." -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "Publikt uttag (socket) har fel ägarskap eller rättigheter." -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "Oväntat format på serverns kreditivmeddelande." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "SSSD körs inte av root." -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "Ett fel uppstod, men ingen beskrivning kan hittas." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "Oväntat fel vid sökning efter ett felmeddelande" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Servermeddelande: " -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Lösenorden stämmer inte överens" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "Återställning av lösenord av root stöds inte." -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "Autentiserad med cachade kreditiv" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", ditt cache-lösenord kommer gå ut: " -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "Ditt lösenord har gått ut. Du har en frist på %1$d inloggningar kvar." -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Ditt lösenordet kommer gå ut om %1$d %2$s." -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "Autentisering nekas till: " -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "Systemet är frånkopplat, ändring av lösenord är inte möjligt" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1656,39 +1666,44 @@ msgstr "" "Efter att ha ändrat OTP-lösenordet behöver du logga ut och tillbaka in för " "att få en biljett" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Lösenordsändringen misslyckades. " -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Nytt lösenord: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Skriv det nya lösenordet igen: " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Lösenord: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Nuvarande lösenord: " + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Nuvarande lösenord: " -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "Lösenordet har gått ut. Ändra ditt lösenord nu." @@ -2353,38 +2368,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2422,7 +2437,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/tg.po b/po/tg.po index 47708b2515b..829203ed894 100644 --- a/po/tg.po +++ b/po/tg.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:48-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/" @@ -491,12 +491,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" @@ -540,1114 +540,1126 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "IPA domain" +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" msgstr "" #: src/config/SSSDConfig/__init__.py.in:201 -msgid "IPA server address" +msgid "IPA domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:202 -msgid "Address of backup IPA server" +msgid "IPA server address" msgstr "" #: src/config/SSSDConfig/__init__.py.in:203 -msgid "IPA client hostname" +msgid "Address of backup IPA server" msgstr "" #: src/config/SSSDConfig/__init__.py.in:204 +msgid "IPA client hostname" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "Номи гурӯҳ" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "Пароли гурӯҳ" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "Аттрибути GID" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Паролҳо номувофиқанд" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Пароли нав:" -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Парол:" -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +msgid "First Factor (Current Password): " +msgstr "" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "" @@ -2280,38 +2292,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2349,7 +2361,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/tr.po b/po/tr.po index 32d634898d5..86ebe5bde33 100644 --- a/po/tr.po +++ b/po/tr.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:49-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Turkish (http://www.transifex.com/projects/p/sssd/language/" @@ -492,12 +492,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" @@ -541,1114 +541,1126 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "IPA alanı" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Kerberos sunucu adresi" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "" -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "" -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +msgid "First Factor (Current Password): " +msgstr "" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "" @@ -2281,38 +2293,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2350,7 +2362,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/uk.po b/po/uk.po index af080c36f61..b1c9a9d7ed8 100644 --- a/po/uk.po +++ b/po/uk.po @@ -12,7 +12,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2017-07-26 12:16-0400\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Ukrainian (http://www.transifex.com/projects/p/sssd/language/" @@ -563,13 +563,13 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "Визначає, чи слід автоматично оновлювати запис DNS клієнта" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" "TTL, який слід застосовувати до запису DNS клієнта після його оновлення" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "Інтерфейс, чию адресу IP має бути використано для динамічних оновлень DNS" @@ -621,108 +621,113 @@ msgstr "" "Строк, протягом якого кешовані реєстраційні дані може бути використано для " "розпізнавання за кешем" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +#, fuzzy +msgid "Whether to automatically create private groups for users" +msgstr "Визначає, чи слід автоматично оновлювати запис DNS клієнта" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "Домен IPA" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "Адреса сервера IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "Адреса резервного сервера IPA" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "Назва вузла клієнта IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Визначає, чи слід автоматично оновлювати запис DNS клієнтського вузла у " "FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "Шукати у базі об’єкти, пов’язані з HBAC" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" "Інтервал часу між послідовними сеансами пошуку правил HBAC на сервері IPA" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "Час, у секундах, між пошуками у картах SELinux на сервері IPA" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Якщо встановлено значення «false», аргумент вузла, наданий PAM, буде " "проігноровано" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "Адреса автоматичного монтування, яку використовує цей клієнт IPA" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "Шукати у базі об’єкт, що містить дані щодо домену IPA" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "Шукати у базі об’єкти, що містять дані щодо діапазонів ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "Увімкнути сайти DNS — визначення служб на основі адрес" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "Шукати у базі контейнери перегляду" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "Клас об’єктів для контейнерів перегляду" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "Атрибут із назвою перегляду" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "Клас об’єктів для об’єктів перевизначення" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "Атрибут із посиланням на початковий об’єкт" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "Клас об’єктів для об’єктів перевизначення користувачів" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "Клас об’єктів для об’єктів перевизначення груп" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 #, fuzzy msgid "Search base for Desktop Profile related objects" msgstr "Шукати у базі об’єкти, пов’язані з HBAC" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 #, fuzzy msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "Час, у секундах, між пошуками у картах SELinux на сервері IPA" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 #, fuzzy msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " @@ -730,47 +735,47 @@ msgid "" msgstr "" "Інтервал часу між послідовними сеансами пошуку правил HBAC на сервері IPA" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "Домен Active Directory" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "Увімкнені домени Active Directory" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "Адреса сервера Active Directory" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "Адреса резервного сервера Active Directory" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "Назва клієнтського вузла Active Directory" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "Фільтр LDAP для визначення прав доступу" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "Чи слід використовувати загальний каталог для пошуку" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "Режим роботи для керування доступом на основі GPO" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" "Інтервал часу між послідовними сеансами пошуку правил GPO на сервері AD" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" @@ -778,7 +783,7 @@ msgstr "" "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " "(Deny)InteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" @@ -786,266 +791,267 @@ msgstr "" "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " "(Deny)RemoteInteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " "(Deny)NetworkLogonRight" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " "(Deny)BatchLogonRight" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " "(Deny)ServiceLogonRight" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "Назви служб PAM, яким завжди надається доступ на основі GPO" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "Назви служб PAM, яким ніколи не надається доступ на основі GPO" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" "Типове правило входу (або допуск/заборона), яким слід користуватися для " "неприв’язаних назв служб PAM" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "певний сайт, який слід використовувати клієнту" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" "Максимальний вік пароля облікового запису комп'ютера, при досягненні якого " "пароль має бути оновлено" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 #, fuzzy msgid "Option for tuning the machine account renewal task" msgstr "" "Параметр для налаштовування завдання з оновлення облікових записів " "комп'ютерів" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Адреса сервера Kerberos" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "Адреса резервного сервера Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "Область Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "Час очікування на розпізнавання" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "Визначає, чи слід створювати файли kdcinfo" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "Місце, куди слід скидати фрагменти налаштувань krb5" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "Каталог, де зберігатиметься кеш реєстраційних даних" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "Адреса кешу реєстраційних даних користувача" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "Адреса таблиці ключів для перевірки реєстраційних даних" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "Увімкнути перевірку реєстраційних даних" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "Зберігати пароль у автономному режимі для розпізнавання у мережі" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "Поновлюваний строк дії TGT" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "Строк дії TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "Граничний час між двома перевірками для поновлення" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "Вмикає FAST" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "Визначає реєстраційний запис, який слід використовувати для FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "Вмикає перетворення реєстраційних записів у канонічну форму" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "Увімкнути промислові реєстраційні дані" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +#, fuzzy +msgid "A mapping from user names to Kerberos principal names" msgstr "Прив’язка імен користувачів до основних імен kerberos" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Сервер, на якому запущено службу зміни паролів, якщо такий не вдасться " "виявити у KDC" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, адреса URI сервера LDAP" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, адреса сервера LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "Типова базова назва домену" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Тип схеми, використаний на сервері LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "Типова назва домену прив’язки" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "Тип розпізнавання для типової назви сервера прив’язки" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "Лексема розпізнавання типової назви сервера прив’язки" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "Проміжок часу між спробами встановлення з’єднання" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Проміжок часу між спробами виконання синхронних операцій LDAP" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Проміжок часу між повторними спробами встановлення з’єднання у автономному " "режимі" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "Використовувати для назв областей лише великі літери" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "Файл, що містить сертифікати CA" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "Шлях до каталогу сертифікатів CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "Файл, що містить клієнтський сертифікат" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "Файл, що містить клієнтський ключ" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "Показати список можливих інструментів шифрування" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "Потрібна перевірка сертифіката TLS" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "Вкажіть механізм SASL, який слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "Вкажіть ідентифікатор уповноваження SASL, який слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "Вкажіть область уповноваження SASL, яку слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" "Вказати мінімальне значення SSF для розпізнавання на LDAP за допомогою sasl" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "Таблиця ключів служби Kerberos" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "Розпізнавання Kerberos для з’єднання LDAP" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "Переходити за посиланнями LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "Строк дії TGT для з’єднання LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "Спосіб розіменування псевдонімів" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "Назва служби для пошуків за допомогою служби DNS" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "Кількість записів, які слід отримувати у відповідь на один запит LDAP" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Кількість учасників, яких має не вистачати для вмикання повного скасування " "посилань" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1053,401 +1059,402 @@ msgstr "" "Визначає, чи має бібліотека LDAP виконувати зворотній пошук з метою " "переведення назв вузлів у канонічну форму під час прив’язки до SASL" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "Атрибут entryUSN" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "Атрибут lastUSN" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "Тривалість підтримування з’єднання з сервером LDAP перед роз’єднанням" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "Вимкнути контроль сторінок у LDAP" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "Вимкнути отримання діапазонів Active Directory" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "Тривалість очікування на дані запиту пошуку" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "Тривалість очікування на дані запиту щодо переліку" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "Проміжок часу між оновленнями нумерації" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "Проміжок часу між спорожненнями кешу" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "Вимагати TLS для пошуків ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Використовувати відповідності ідентифікаторів objectSID замість попередньо " "встановлених ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "Базова назва домену для пошуків користувачів" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "Діапазон пошуків користувачів" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "Фільтр пошуку користувачів" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "Клас об’єктів для користувачів" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "Атрибут імені користувача" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "Атрибут UID" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "Головний атрибут GID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "Атрибут GECOS" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "Атрибут домашнього каталогу" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "Атрибут оболонки" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "Атрибут UUID" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "Атрибут objectSID" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" "Атрибут основної групи Active Directory для встановлення відповідності " "ідентифікатора" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "Атрибут реєстраційного запису користувача (для Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "Повне ім'я" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "Атрибут memberOf" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "Атрибут часу зміни" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "Атрибут shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "Атрибут shadowMin" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "Атрибут shadowMax" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "Атрибут shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "Атрибут shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "Атрибут shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "Атрибут shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "Атрибути зі списком уповноважених служб PAM" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "Атрибути зі списком уповноважених серверних вузлів" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 #, fuzzy msgid "Attribute listing authorized server rhosts" msgstr "Атрибути зі списком уповноважених серверних вузлів" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "Атрибут krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "Атрибут krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" "Атрибут, що відповідає за активізацію правил обробки паролів на боці сервера" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "Атрибут accountExpires AD" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "Атрибут userAccountControl AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "Атрибут nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "Атрибут loginDisabled NDS" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "Атрибут loginExpirationTime NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "Атрибут loginAllowedTimeMap NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "Атрибут відкритого ключа SSH" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "атрибут зі списком дозволених типів розпізнавання для користувача" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "атрибут, що містить сертифікат X509 користувача" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "атрибут, що містить адресу електронної пошти користувача" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Список додаткових атрибутів, які слід отримувати разом із записом користувача" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "Базова назва домену для пошуків груп" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "Клас об’єктів для груп" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "Назва групи" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "Пароль групи" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "Атрибут GID" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "Атрибут членства у групі" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "Атрибут UUID групи" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "Атрибут часу зміни для груп" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "Тип групи та інші прапорці" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "Атрибут групи LDAP зовнішнього учасника" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +#, fuzzy +msgid "Maximum nesting level SSSD will follow" msgstr "Максимальний рівень вкладеності, який використовуватиме SSSD" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "Базова назва домену для пошуків груп у мережі" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "Клас об’єктів для груп у мережі" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "Назва мережевої групи" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "Атрибут членства у групах у мережі" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "Атрибут трійки груп у мережі" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "Атрибут часу зміни для мережевих груп" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "Базова сервер назв домену для пошуку служб" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "Клас об’єктів для служб" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "Атрибут назви служби" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "Атрибут порту служби" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "Атрибут протоколу служби" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "Нижня межа встановлення відповідності ідентифікатора" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "Верхня межа встановлення відповідності ідентифікатора" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" "Кількість ідентифікаторів для кожного зрізу під час встановлення " "відповідності ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" "Використовувати для встановлення відповідності ідентифікаторів алгоритм, " "сумісний з autorid" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "Назва типового домену для встановлення відповідності ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "SID типового домену для встановлення відповідності ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "Кількість вторинних зрізів" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків груп (group)" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" "Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків початкових груп " "(initgroup)" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "Визначає, чи слід використовувати крупи реєстраційних записів" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Встановити нижню межу для дозволених ідентифікаторів із сервера LDAP" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Встановити верхню межу для дозволених ідентифікаторів із сервера LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "DN для запитів щодо ppolicy" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" "Максимальна кількість записів для отримання під час обробки запитів із " "замінниками" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "Правила оцінки завершення строку дії пароля" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Атрибути які слід використовувати для визначення чинності облікового запису" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" "Правила, які має бути використано для визначення достатності прав доступу" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "Адреса на сервері LDAP, для якої можливі зміни паролів" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "Адреса резервного сервера LDAP, для якої можливі зміни паролів" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "Назва у службі DNS сервера зміни паролів LDAP" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1455,25 +1462,25 @@ msgstr "" "Визначає, чи слід оновлювати атрибут ldap_user_shadow_last_change після " "зміни пароля" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "Базова назва домену для пошуків правил sudo" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "Період автоматичного повного оновлення даних" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "Період автоматичного кмітливого оновлення даних" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Визначає, чи слід фільтрувати правила за назвами вузлів, IP-адресами та " "мережами" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1481,285 +1488,289 @@ msgstr "" "Назви вузлів і/або повні назви у домені для цього комп’ютера для " "фільтрування списку правил sudo" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Адреси IPv4 або IPv6 чи мережа цього комп’ютера для фільтрування списку " "правил sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Визначає, чи слід включати правила, що містять мережеву групу у атрибуті " "вузла" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Визначає, чи слід включати правила, що містять формальний вираз у атрибуті " "вузла" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "Клас об’єктів для правил sudo" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "Назва правила sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "Атрибут команди правила sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "Атрибут вузла правила sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "Атрибут користувача правила sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "Атрибут параметрів правила sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "Атрибут runas правила sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" "Атрибут користувача, від імені якого виконуватиметься запуск, правила sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "Атрибут групи, від імені якої виконуватиметься запуск, правила sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "Атрибут граничного часу початку дії правила sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "Атрибут граничного часу завершення дії правила sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "Атрибут порядку правила sudo" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "Клас об’єктів для карт автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "Атрибут назви карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "Клас об’єктів для записів карт автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "Атрибут ключа запису карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "Атрибут значення запису карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "Базовий сервер назв домену для пошуків карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "Відокремлений комами список дозволених користувачів" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "Відокремлений комами список заборонених користувачів" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "Типова оболонка, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "Базова адреса домашніх каталогів" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "Кількість попередньо відгалужених дочірніх проксі-записів." -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "Назва бібліотеки NSS, яку слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Визначає, чи слід виконувати пошук канонічної назви групи у кеші, якщо це " "можливо" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "Стек PAM, який слід використовувати" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "Запуститися фонову службу (типова поведінка)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "Запустити у інтерактивному режимі (без фонової служби)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "Вимкнути інтерфейс netlink" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Вказати нетиповий файл налаштувань" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "Оновити налаштування бази даних, потім вийти" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "Вивести номер версії і завершити роботу" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "SSSD вже запущено\n" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "Рівень зневаджування" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "Додавати діагностичні часові позначки" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "Показувати мікросекунди у часових позначках" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "Дескриптор відкритого файла для запису журналів діагностики" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "Надіслати діагностичну інформацію безпосередньо до stderr." -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "Користувач, від імені якого слід створити ccache FAST" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "Група, від імені якої слід створити ccache FAST" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "Область Kerberos, якою слід скористатися" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "Запитаний строк дії квитка" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "Запитаний час оновлення строку дії квитка" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "Параметри FAST ('never', 'try', 'demand')" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" "Визначає реєстраційний запис сервера, який слід використовувати для FAST" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "Вимагає перетворення реєстраційного запису у канонічну форму" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "Домен надання відомостей (обов’язковий)" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "У привілейованого сокета помилковий власник або права доступу." -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "У відкритого сокета помилковий власник або права доступу." -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "Некоректний формат повідомлення щодо реєстраційних даних сервера." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "SSSD запущено не від імені користувача root." -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "Сталася помилка, але не вдалося знайти її опису." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "Неочікувана помилка під час пошуку опису помилки" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "Відмовлено у доступі. " -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "Повідомлення сервера: " -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "Паролі не збігаються" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "Підтримки скидання пароля користувачем root не передбачено." -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "Розпізнано за реєстраційними даними з кешу" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ", строк дії вашого кешованого пароля завершиться: " -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "Строк дії вашого пароля вичерпано. Залишилося %1$d резервних входи." -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Строк дії вашого пароля завершиться за %1$d %2$s." -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "Розпізнавання заборонено до: " -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "Система працює у автономному режимі, зміна пароля неможлива" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1767,39 +1778,44 @@ msgstr "" "Після зміни пароля OTP вам слід вийти із системи і увійти до неї знову, щоб " "отримати про квиток" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "Спроба зміни пароля зазнала невдачі. " -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "Новий пароль: " -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "Ще раз введіть новий пароль: " -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "Перший фактор:" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "Другий фактор (необов'язковий): " -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "Другий фактор:" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "Пароль: " -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "Поточний пароль: " + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "Поточний пароль: " -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "Строк дії пароля вичерпано. Змініть ваш пароль." @@ -2476,38 +2492,38 @@ msgstr "Час завершення строку дії запису у кеші msgid "Cached in InfoPipe" msgstr "Кешовано в InfoPipe" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "Помилка: не вдалося отримати об'єкт [%d]: %s\n" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "%s: не вдалося прочитати значення [%d]: %s\n" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "Вказати ім'я." -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "Не вдалося обробити ім'я %s.\n" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "Шукати за SID" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "Шукати за ідентифікатором користувача" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "Час завершення строку дії груп ініціалізації" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "Шукати за ідентифікатором групи" @@ -2549,7 +2565,8 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "Не вдалося створити каталог резервної копії [%d]: %s" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +#, fuzzy +msgid "SSSD backup of local data already exists, override?" msgstr "Резервна копія SSSD локальних даних вже існує, перевизначити?" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/zh_CN.po b/po/zh_CN.po index 7e94d9fdb43..e13f7c08400 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:50-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/" @@ -492,12 +492,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" @@ -541,1114 +541,1126 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "IPA domain" +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" msgstr "" #: src/config/SSSDConfig/__init__.py.in:201 +msgid "IPA domain" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "IPA 服务器地址" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "IPA 备份服务器地址" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Kerberos 服务器地址" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "验证超时" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "" -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "" -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +msgid "First Factor (Current Password): " +msgstr "" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "" @@ -2281,38 +2293,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2350,7 +2362,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/po/zh_TW.po b/po/zh_TW.po index 81275090d91..de1a8f0f947 100644 --- a/po/zh_TW.po +++ b/po/zh_TW.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2017-10-20 16:16+0200\n" +"POT-Creation-Date: 2018-03-09 12:31+0100\n" "PO-Revision-Date: 2014-12-14 11:50-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Chinese (Taiwan) (http://www.transifex.com/projects/p/sssd/" @@ -492,12 +492,12 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" #: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" @@ -541,1114 +541,1127 @@ msgstr "" msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Whether to automatically create private groups for users" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:201 msgid "IPA domain" msgstr "IPA 網域" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA server address" msgstr "IPA 伺服器位址" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA client hostname" msgstr "IPA 客戶端主機名稱" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:233 -#: src/config/SSSDConfig/__init__.py.in:419 +#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:250 #: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "Kerberos server address" msgstr "Kerberos 伺服器位址" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Authentication timeout" msgstr "認證逾時" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Directory to store credential caches" msgstr "儲存憑證快取的目錄" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Location of the user's credential cache" msgstr "使用者憑證快取的位置" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the keytab to validate credentials" msgstr "驗證憑證用的金鑰表格位置" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Enable credential validation" msgstr "啟用憑證驗證" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "A mapping from user names to kerberos principal names" +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:274 #: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:278 +#: src/config/SSSDConfig/__init__.py.in:279 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Require TLS certificate verification" msgstr "需要 TLS 憑證驗證" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Specify the sasl mechanism to use" msgstr "指定要使用的 sasl 機制" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Specify the sasl authorization id to use" msgstr "指定要使用的 sasl 認證 id" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:314 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Length of time to wait for a search request" msgstr "搜尋請求的等候時間長度" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Full Name" msgstr "全名" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:374 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "Maximum nesting level SSSd will follow" +#: src/config/SSSDConfig/__init__.py.in:384 +msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" msgstr "評估密碼過期時效的策略" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" msgstr "許可的使用者清單,請使用半形逗號作為分隔" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" msgstr "被禁止的使用者清單,請使用半形逗號作為分隔" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" msgstr "預設 shell,/bin/bash" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:469 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:471 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "The name of the NSS library to use" msgstr "要使用的 NSS 函式庫名稱" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:476 msgid "PAM stack to use" msgstr "要使用的 PAM 堆疊" -#: src/monitor/monitor.c:2469 +#: src/monitor/monitor.c:2449 msgid "Become a daemon (default)" msgstr "作為幕後程式 (預設)" -#: src/monitor/monitor.c:2471 +#: src/monitor/monitor.c:2451 msgid "Run interactive (not a daemon)" msgstr "以互動方式執行 (非幕後程式)" -#: src/monitor/monitor.c:2474 +#: src/monitor/monitor.c:2454 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2476 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "指定非預設的配置檔" -#: src/monitor/monitor.c:2478 +#: src/monitor/monitor.c:2458 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2481 +#: src/monitor/monitor.c:2461 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2645 +#: src/monitor/monitor.c:2627 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3032 src/providers/ldap/ldap_child.c:616 +#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 msgid "Debug level" msgstr "除錯層級" -#: src/providers/krb5/krb5_child.c:3034 src/providers/ldap/ldap_child.c:618 +#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 msgid "Add debug timestamps" msgstr "加入除錯時間戳記" -#: src/providers/krb5/krb5_child.c:3036 src/providers/ldap/ldap_child.c:620 +#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3038 src/providers/ldap/ldap_child.c:622 +#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3041 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3043 +#: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3045 +#: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3047 +#: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3049 +#: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3051 +#: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3053 +#: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3056 +#: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3058 +#: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/data_provider_be.c:553 +#: src/providers/krb5/krb5_child.c:3245 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "" + +#: src/providers/data_provider_be.c:555 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1061 +#: src/sss_client/common.c:1066 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1064 +#: src/sss_client/common.c:1069 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1072 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1075 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1080 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1086 msgid "Unexpected error while looking for an error description" msgstr "" -#: src/sss_client/pam_sss.c:68 +#: src/sss_client/pam_sss.c:76 msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:746 -#: src/sss_client/pam_sss.c:757 +#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 +#: src/sss_client/pam_sss.c:793 msgid "Server message: " msgstr "伺服器訊息:" -#: src/sss_client/pam_sss.c:264 +#: src/sss_client/pam_sss.c:300 msgid "Passwords do not match" msgstr "密碼不相符" -#: src/sss_client/pam_sss.c:452 +#: src/sss_client/pam_sss.c:488 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:493 +#: src/sss_client/pam_sss.c:529 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:494 +#: src/sss_client/pam_sss.c:530 msgid ", your cached password will expire at: " msgstr ",您快取的密碼將在此刻過期:" -#: src/sss_client/pam_sss.c:524 +#: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:570 +#: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:619 +#: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:640 +#: src/sss_client/pam_sss.c:676 msgid "System is offline, password change not possible" msgstr "系統已離線,不可能作密碼變更" -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:691 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:743 src/sss_client/pam_sss.c:756 +#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " msgstr "密碼變更失敗。" -#: src/sss_client/pam_sss.c:1670 +#: src/sss_client/pam_sss.c:1926 msgid "New Password: " msgstr "新密碼:" -#: src/sss_client/pam_sss.c:1671 +#: src/sss_client/pam_sss.c:1927 msgid "Reenter new Password: " msgstr "再次輸入新密碼:" -#: src/sss_client/pam_sss.c:1783 src/sss_client/pam_sss.c:1786 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1784 +#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:1787 +#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:1792 +#: src/sss_client/pam_sss.c:2058 msgid "Password: " msgstr "密碼:" -#: src/sss_client/pam_sss.c:1832 +#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#, fuzzy +msgid "First Factor (Current Password): " +msgstr "目前的密碼:" + +#: src/sss_client/pam_sss.c:2208 msgid "Current Password: " msgstr "目前的密碼:" -#: src/sss_client/pam_sss.c:2098 +#: src/sss_client/pam_sss.c:2536 msgid "Password expired. Change your password now." msgstr "密碼已過期。請立刻變更您的密碼。" @@ -2281,38 +2294,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:511 +#: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:527 +#: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:555 +#: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:565 +#: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:591 src/tools/sssctl/sssctl_cache.c:638 +#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 +#: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:601 +#: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" msgstr "" @@ -2350,7 +2363,7 @@ msgid "Unable to create backup directory [%d]: %s" msgstr "" #: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exist, override?" +msgid "SSSD backup of local data already exists, override?" msgstr "" #: src/tools/sssctl/sssctl_data.c:111 diff --git a/src/man/po/br.po b/src/man/po/br.po index 96e14947593..9d7351e7eff 100644 --- a/src/man/po/br.po +++ b/src/man/po/br.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2014-12-14 11:51-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Breton (http://www.transifex.com/projects/p/sssd/language/" @@ -299,9 +299,9 @@ msgstr "" #. type: Content of: #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Dre ziouer : true" @@ -320,16 +320,16 @@ msgstr "" #. type: Content of: #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "" @@ -354,8 +354,8 @@ msgid "" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -370,7 +370,7 @@ msgid "The [sssd] section" msgstr "Ar rann [sssd]" #. type: Content of: -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "Arventennoù ar rann" @@ -396,7 +396,7 @@ msgstr "" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -450,7 +450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "re_expression (neudennad)" @@ -470,12 +470,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "full_name_format (neudennad)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -483,39 +483,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -639,12 +639,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -831,8 +832,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -908,7 +909,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "" @@ -963,12 +964,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "" @@ -1046,7 +1047,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "" @@ -1064,7 +1065,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "Dre ziouer : 15" @@ -1081,7 +1082,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "Dre ziouer : 0" @@ -1151,7 +1152,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1285,12 +1286,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1305,23 +1306,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1332,96 +1340,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1429,59 +1437,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "Dre zoiuer : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1490,61 +1498,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1552,7 +1560,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1561,17 +1569,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1579,26 +1587,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1608,74 +1616,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1683,19 +1691,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1703,12 +1711,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1716,58 +1724,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1778,24 +1786,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1805,22 +1813,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1828,68 +1836,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1900,7 +1908,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1911,24 +1919,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1936,12 +1944,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1950,24 +1958,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -1977,72 +1985,72 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 #, fuzzy #| msgid "re_expression (string)" msgid "scope (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: 3" msgid "Default: \"none\"" msgstr "Dre ziouer : 3" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 #, fuzzy #| msgid "re_expression (string)" msgid "users (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2050,19 +2058,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 #, fuzzy #| msgid "re_expression (string)" msgid "groups (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2070,7 +2078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2078,22 +2086,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "RANNOÙ DOMANI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2102,14 +2110,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2118,38 +2126,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2158,46 +2166,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2205,18 +2222,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2225,39 +2244,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2266,19 +2285,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2289,151 +2308,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2441,24 +2460,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2467,17 +2486,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2486,33 +2505,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2520,8 +2539,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2530,8 +2549,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2539,19 +2558,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2560,7 +2579,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2568,22 +2587,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2595,7 +2614,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2603,19 +2622,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2623,7 +2642,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2631,30 +2650,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2662,19 +2681,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2683,7 +2702,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2691,29 +2710,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2721,7 +2740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2729,35 +2748,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2765,32 +2784,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2800,13 +2819,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2814,7 +2842,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2822,31 +2850,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2854,7 +2882,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2863,19 +2891,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 #, fuzzy #| msgid "re_expression (string)" msgid "session_provider (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2883,36 +2911,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2920,7 +2955,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2928,7 +2963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2936,24 +2971,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2961,12 +2996,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2976,7 +3011,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2985,29 +3020,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3015,7 +3050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3023,66 +3058,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3091,77 +3126,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3169,7 +3204,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3177,17 +3212,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3195,34 +3230,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3230,32 +3265,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3265,34 +3300,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3300,20 +3335,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +#, fuzzy +#| msgid "filter_users, filter_groups (string)" +msgid "auto_private_groups (string)" +msgstr "filter_users, filter_groups (neudennad)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3321,29 +3394,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3351,12 +3424,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3365,12 +3438,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3378,19 +3451,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3407,7 +3480,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3415,17 +3488,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3434,7 +3507,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3444,7 +3517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3464,12 +3537,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3477,73 +3550,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3551,17 +3624,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3570,17 +3643,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3588,17 +3661,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3606,17 +3679,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3627,64 +3700,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3714,7 +3787,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3723,7 +3796,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3731,7 +3804,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3779,7 +3852,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -3880,7 +3953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4081,7 +4154,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4159,7 +4232,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4178,7 +4251,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4188,14 +4261,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "" @@ -4527,7 +4600,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4590,8 +4663,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" @@ -4606,7 +4679,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4738,105 +4811,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4844,34 +4927,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4879,7 +4962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4889,7 +4972,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4899,17 +4982,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4917,14 +5000,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4932,7 +5015,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4941,12 +5024,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4954,168 +5037,274 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" +#: sssd-ldap.5.xml:1216 +msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +#, fuzzy +#| msgid "full_name_format (string)" +msgid "ldap_host_name (string)" +msgstr "full_name_format (neudennad)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +msgid "ldap_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: fqdn" +msgstr "Dre ziouer : 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_host_serverhostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: root" +msgid "Default: serverHostname" +msgstr "Dre zoiuer : root" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +msgid "ldap_host_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +msgid "ldap_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +msgid "ldap_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +msgid "ldap_host_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5123,7 +5312,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5131,12 +5320,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5144,12 +5333,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5160,12 +5349,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5174,12 +5363,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5188,34 +5377,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5223,14 +5412,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5238,17 +5427,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5258,12 +5447,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5271,17 +5460,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5289,13 +5478,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5304,7 +5493,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5312,26 +5501,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5339,7 +5528,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5347,7 +5536,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5355,41 +5544,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5398,32 +5587,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5431,24 +5620,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5456,17 +5645,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5477,29 +5666,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5508,17 +5697,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5526,49 +5715,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5576,27 +5765,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5608,7 +5797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5616,7 +5805,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5624,39 +5813,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5666,7 +5855,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5674,26 +5863,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5701,7 +5890,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5709,31 +5898,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5742,56 +5931,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5807,12 +5996,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5821,14 +6010,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5837,24 +6026,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5862,19 +6051,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5883,7 +6072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5891,7 +6080,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5900,7 +6089,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5908,22 +6097,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5933,14 +6122,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5953,12 +6142,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5968,7 +6157,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5978,63 +6167,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6043,74 +6232,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6121,7 +6310,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6129,24 +6318,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6161,12 +6350,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6174,208 +6363,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6383,101 +6572,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6486,111 +6675,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6599,32 +6788,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6633,22 +6822,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6657,14 +6846,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6672,7 +6861,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6685,27 +6874,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6721,13 +6910,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7133,7 +7322,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -7983,7 +8172,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8074,30 +8263,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8107,12 +8304,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8120,12 +8317,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8135,14 +8332,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8150,12 +8347,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8163,7 +8360,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8171,17 +8368,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8190,7 +8387,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8198,24 +8395,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8223,22 +8420,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8250,12 +8447,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8263,228 +8460,215 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8492,36 +8676,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: true" msgid "Default: 60 (minutes)" msgstr "Dre ziouer : true" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -8529,12 +8713,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8542,192 +8726,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8737,19 +8943,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8757,7 +8963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8769,7 +8975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8777,7 +8983,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8813,7 +9019,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8861,8 +9067,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8870,20 +9084,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -8891,38 +9110,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -8930,7 +9149,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -8938,7 +9157,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -8946,19 +9165,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -8966,26 +9185,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -8993,19 +9212,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9016,12 +9235,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9030,7 +9249,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9039,7 +9258,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9048,14 +9267,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9068,7 +9287,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9077,7 +9296,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9095,24 +9314,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9121,7 +9340,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9130,12 +9349,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9145,14 +9364,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9165,23 +9392,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9189,22 +9416,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9212,12 +9439,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9225,14 +9452,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9240,7 +9467,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9252,78 +9479,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9331,7 +9558,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9339,7 +9566,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9347,7 +9574,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9359,22 +9586,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9382,7 +9609,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9390,7 +9617,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9398,7 +9625,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9410,22 +9637,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9433,14 +9660,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9448,7 +9675,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9460,17 +9687,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9478,14 +9705,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9493,7 +9720,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9504,19 +9731,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9524,7 +9751,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9536,39 +9763,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9576,12 +9803,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9594,57 +9821,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9652,17 +9879,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9672,12 +9899,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9688,19 +9915,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9710,12 +9937,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9723,7 +9950,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9738,7 +9965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9747,7 +9974,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9755,7 +9982,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9765,7 +9992,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10075,33 +10302,79 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:101 +#, fuzzy +#| msgid "" +#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +#| "replaceable>" +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "" +"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10110,39 +10383,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10150,12 +10423,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10164,12 +10437,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10177,7 +10450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12535,7 +12808,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" diff --git a/src/man/po/ca.po b/src/man/po/ca.po index c3bac849e7b..f11109b9424 100644 --- a/src/man/po/ca.po +++ b/src/man/po/ca.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2015-10-18 04:13-0400\n" "Last-Translator: Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>\n" "Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/" @@ -336,9 +336,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Per defecte: true" @@ -360,16 +360,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Per defecte: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -394,8 +394,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Per defecte: 10" @@ -410,7 +410,7 @@ msgid "The [sssd] section" msgstr "La secció [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "Paràmetres de la secció" @@ -438,7 +438,7 @@ msgstr "services" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -499,7 +499,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -521,12 +521,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -537,40 +537,40 @@ msgstr "" "compondre un FQN des dels components del nom d'usuari i del nom del domini." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "nom d'usuari" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" "el nom del domini tal com s'especifica al fitxer de configuració de l'SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -728,12 +728,13 @@ msgstr "" "d'aquesta opció juntament amb use_fully_qualified_names establert a False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "Per defecte: sense establir" @@ -920,8 +921,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "Per defecte: Sense establir" @@ -1007,7 +1008,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "Per defecte: 60" @@ -1062,12 +1063,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "Per defecte: 300" @@ -1162,7 +1163,7 @@ msgstr "" "(0 desactiva aquesta característica)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "Per defecte: 50" @@ -1184,7 +1185,7 @@ msgstr "" "altra vegada." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "Per defecte: 15" @@ -1201,7 +1202,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "Per defecte: 0" @@ -1279,7 +1280,7 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exemple: <placeholder type=\"programlisting\" id=\"0\"/>" @@ -1421,12 +1422,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1441,23 +1442,30 @@ msgstr "memcache_timeout (enter)" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1468,48 +1476,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "Opcions de configuració del PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1518,12 +1526,12 @@ msgstr "" "(Pluggable Authentication Module)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1533,17 +1541,17 @@ msgstr "" "de sessió)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1552,12 +1560,12 @@ msgstr "" "fallits es permet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1567,7 +1575,7 @@ msgstr "" "possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1575,17 +1583,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "Per defecte: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1594,43 +1602,43 @@ msgstr "" "l'autenticació. Com més gran sigui el nombre més missatges es mostren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "L'sssd actualment admet els següents valors:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostris cap missatge" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: Mostra només missatges importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: Mostra missatges informatius" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: Mostra tots els missatges i informació de depuració" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "Per defecte: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1639,61 +1647,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1705,7 +1713,7 @@ msgstr "" "l'última informació." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1719,17 +1727,17 @@ msgstr "" "excessives al proveïdor d'identitat." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1737,26 +1745,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1766,74 +1774,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "pam_public_domains (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "Per defecte: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1841,19 +1849,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1861,12 +1869,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1874,58 +1882,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Per defecte: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "Opcions de configuració de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1943,26 +1951,26 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "sudo_timed (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "sudo_threshold (integer)" msgstr "ldap_deref_threshold (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1972,23 +1980,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" "Es poden utilitzar aquestes opcions per configurar el servei de l'autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1996,68 +2004,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "Es poden utilitzar aquestes opcions per configurar el servei de l'SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "Per defecte: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "Opcions de configuració del contestador del PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2068,7 +2076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2079,25 +2087,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" "Es poden utilitzar aquestes opcions per configurar el contestador del PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2105,12 +2113,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2119,26 +2127,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 #, fuzzy #| msgid "PAC responder configuration options" msgid "Session recording configuration options" msgstr "Opcions de configuració del contestador del PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 #, fuzzy #| msgid "" #| "This manual page describes the configuration of the IPA provider for " @@ -2162,38 +2170,38 @@ msgstr "" "manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 #, fuzzy #| msgid "These options can be used to configure any service." msgid "These options can be used to configure session recording." msgstr "Es poden utilitzar aquestes opcions per configurar qualsevol servei." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 #, fuzzy #| msgid "user (string)" msgid "scope (string)" msgstr "user (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 #, fuzzy #| msgid "none" msgid "\"none\"" msgstr "none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 #, fuzzy #| msgid "" #| "Append this user to groups specified by the <replaceable>GROUPS</" @@ -2208,17 +2216,17 @@ msgstr "" "replaceable> és una llista delimitada per comes dels noms dels grups." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder type=\"variablelist" @@ -2231,21 +2239,21 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: none" msgid "Default: \"none\"" msgstr "Per defecte: none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 #, fuzzy #| msgid "user (string)" msgid "users (string)" msgstr "user (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2253,21 +2261,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. Matches no users." msgstr "Per defecte: buit, és a dir, s'utilitza ldap_uri." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 #, fuzzy #| msgid "user (string)" msgid "groups (string)" msgstr "user (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2275,7 +2283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2283,22 +2291,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "SECCIONS DE DOMINI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2307,14 +2315,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2323,31 +2331,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2356,7 +2364,7 @@ msgstr "" "fora d'aquests límits, s'ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2369,48 +2377,55 @@ msgstr "" "com s'esperava." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Per defecte: 1 per a min_id, 0 (sense límit) per a max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "enumerate (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" -"Determina si un domini pot ser enumerat. Aquest paràmetre pot tenir un dels " -"valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Els usuaris i grups s'enumeren" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Cap enumeració per a aquest domini" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "Per defecte: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2418,11 +2433,13 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2432,7 +2449,7 @@ msgstr "" "finalitzi." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2446,39 +2463,39 @@ msgstr "" "ús." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2487,12 +2504,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2501,7 +2518,7 @@ msgstr "" "demanar al rerefons una altra vegada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2512,153 +2529,153 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "Per defecte: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "Per defecte: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Per defecte: 0 (inhabilitat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "cache_credentials (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Determina si les credencials d'usuari també són emmagatzemades en la memòria " "cau local de LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2666,24 +2683,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "Per defecte: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2696,17 +2713,17 @@ msgstr "" "ha de ser superior o igual que offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2715,33 +2732,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Per defecte: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2749,8 +2766,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2759,8 +2776,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2768,19 +2785,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2793,7 +2810,7 @@ msgstr "" "l'usuari mentre que <command>getent passwd test@LOCAL</command> sí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2801,22 +2818,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2828,7 +2845,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2836,12 +2853,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -2850,7 +2867,7 @@ msgstr "" "d'autenticació suportats són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2861,7 +2878,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2872,7 +2889,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -2880,12 +2897,12 @@ msgstr "" "de PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> impossibilita l'autenticació explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -2894,12 +2911,12 @@ msgstr "" "gestionar les sol·licituds d'autenticació." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2910,19 +2927,19 @@ msgstr "" "instal·lats) Els proveïdors especials interns són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> sempre denega l'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2935,7 +2952,7 @@ msgstr "" "configuració del mòdul d'accés simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2943,22 +2960,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "Per defecte: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -2967,7 +2984,7 @@ msgstr "" "al domini. Els proveïdors de canvi de contrasenya compatibles són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2975,7 +2992,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2986,7 +3003,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -2994,12 +3011,12 @@ msgstr "" "objectiu PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> rebutja els canvis de contrasenya explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3008,17 +3025,17 @@ msgstr "" "gestionar peticions de canvi de contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3026,32 +3043,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3061,13 +3078,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3075,7 +3101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3083,31 +3109,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "subdomains_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3115,7 +3141,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3124,19 +3150,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 #, fuzzy #| msgid "selinux_provider (string)" msgid "session_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3144,18 +3170,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 #, fuzzy #| msgid "" #| "Default: <quote>id_provider</quote> is used if it is set and can handle " @@ -3167,19 +3193,26 @@ msgstr "" "Per defecte: <quote>id_provider</quote> s'utilitza si s'ha establert i pot " "gestionar les sol·licituds d'autenticació." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "autofs_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3187,7 +3220,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3195,7 +3228,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3203,24 +3236,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "hostid_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3228,12 +3261,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3243,7 +3276,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3252,29 +3285,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3285,7 +3318,7 @@ msgstr "" "quote> , el domini és tot el que hi ha després\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3293,7 +3326,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -3302,17 +3335,17 @@ msgstr "" "sintaxi Python (?P <name>) a l'etiqueta subpatterns." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Per defecte: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3321,42 +3354,42 @@ msgstr "" "realitzar cerques de DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "Valors admesos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta resoldre l'adreça IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Intenta resoldre només noms màquina a adreces IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta resoldre l'adreça IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Intenta resoldre només noms màquina a adreces IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "Per defecte: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 #, fuzzy #| msgid "" #| "Defines the amount of time (in seconds) to wait for a reply from the DNS " @@ -3373,25 +3406,25 @@ msgstr "" "aquest temps d'espera, el domini seguirà operant en el mode fora de línia." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Per defecte: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3400,52 +3433,52 @@ msgstr "" "del domini de la consulta DNS del servei de descobriment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "Per defecte: Utilitza la part del domini del nom de màquina" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "override_gid (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "case_sensitive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3453,7 +3486,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3461,17 +3494,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3479,34 +3512,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3516,32 +3549,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3551,34 +3584,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Per defecte: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "realmd_tags (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3586,20 +3619,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +#, fuzzy +#| msgid "autofs_provider (string)" +msgid "auto_private_groups (string)" +msgstr "autofs_provider (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3610,17 +3681,17 @@ msgstr "" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "El servidor intermediari on reenvia PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3629,12 +3700,12 @@ msgstr "" "de pam existent o crear-ne una de nova i afegir aquí el nom del servei." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3645,12 +3716,12 @@ msgstr "" "format _nss_$(libName)_$(function), per exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3659,12 +3730,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3672,7 +3743,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -3681,12 +3752,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3703,7 +3774,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3711,17 +3782,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3730,7 +3801,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3740,7 +3811,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3760,12 +3831,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "La secció del domini local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3776,29 +3847,29 @@ msgstr "" "<replaceable>id_provider = local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "El shell predeterminat per als usuaris que es creen amb eines de l'espai " "d'usuari de l'SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "Per defecte: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -3807,46 +3878,46 @@ msgstr "" "replaceable> i utilitzen aquest com el directori inicial." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "Per defecte: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "create_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "Per defecte: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "remove_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "homedir_umask (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3857,17 +3928,17 @@ msgstr "" "defecte en un directori inicial acabat de crear." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "Per defecte: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3880,17 +3951,17 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "Per defecte: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3901,17 +3972,17 @@ msgstr "" "suprimit. Si no s'especifica, s'utilitzarà un valor per defecte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "Per defecte: <filename>/var/correu</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3922,17 +3993,17 @@ msgstr "" "té en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "Per defecte: Cap, no s'executa cap comanda" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3943,64 +4014,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -4054,7 +4125,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 #, fuzzy #| msgid "" #| "The following example shows a typical SSSD config. It does not describe " @@ -4073,7 +4144,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4081,7 +4152,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4142,7 +4213,7 @@ msgstr "" "informació sobre l'ús d'LDAP com un proveïdor d'accés." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -4246,7 +4317,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exemples:" @@ -4454,7 +4525,7 @@ msgstr "" "L'atribut LDAP que correspon a l'identificador del grup primari de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "Per defecte: gidNumber" @@ -4532,7 +4603,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4551,7 +4622,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4561,7 +4632,7 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -4570,7 +4641,7 @@ msgstr "" "pare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "Per defecte: modifyTimestamp" @@ -4934,7 +5005,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "Per defecte: sshPublicKey" @@ -5004,8 +5075,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'atribut LDAP que correspon al nom complet de l'usuari." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Per defecte: cn" @@ -5020,7 +5091,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "L'atribut LDAP que llista la pertanença a grups de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "Per defecte: memberOf" @@ -5175,105 +5246,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "La classe d'objecte d'una entrada de grup a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "Per defecte: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "ldap_group_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "L'atribut LDAP que es correspon amb el nom del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "L'atribut LDAP que correspon a l'identificador del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "ldap_group_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "L'atribut LDAP que conté els noms dels membres del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Per defecte: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5281,34 +5362,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5320,7 +5401,7 @@ msgstr "" "RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5330,7 +5411,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5340,17 +5421,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "Per defecte: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5358,14 +5439,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5373,7 +5454,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5382,12 +5463,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5395,169 +5476,303 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objecte d'una entrada de netgroup a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "Per defecte: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'atribut LDAP que es correspon amb el nom del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'atribut LDAP que conté els noms dels membres del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "Per defecte: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "L'atribut LDAP que conté les tripletes netgroup (maquina, usuari, domini)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "Per defecte: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" -msgstr "ldap_service_object_class (cadena)" +#: sssd-ldap.5.xml:1216 +#, fuzzy +#| msgid "ldap_user_object_class (string)" +msgid "ldap_host_object_class (string)" +msgstr "ldap_user_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." -msgstr "" +#: sssd-ldap.5.xml:1219 +#, fuzzy +#| msgid "The object class of a user entry in LDAP." +msgid "The object class of a host entry in LDAP." +msgstr "La classe d'objecte d'una entrada d'usuari a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "Per defecte: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +#, fuzzy +#| msgid "ad_hostname (string)" +msgid "ldap_host_name (string)" +msgstr "ad_hostname (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the group name." +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "L'atribut LDAP que es correspon amb el nom del grup." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +#, fuzzy +#| msgid "ldap_pwdlockout_dn (string)" +msgid "ldap_host_fqdn (string)" +msgstr "ldap_pwdlockout_dn (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the user's full name." +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "L'atribut LDAP que correspon al nom complet de l'usuari." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: fqdn" +msgstr "Per defecte: cn" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +#, fuzzy +#| msgid "ldap_dns_service_name (string)" +msgid "ldap_host_serverhostname (string)" +msgstr "ldap_dns_service_name (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: sudoHost" +msgid "Default: serverHostname" +msgstr "Per defecte: sudoHost" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +#, fuzzy +#| msgid "ldap_user_member_of (string)" +msgid "ldap_host_member_of (string)" +msgstr "ldap_user_member_of (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +#, fuzzy +#| msgid "The LDAP attribute that lists the user's group memberships." +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "L'atribut LDAP que llista la pertanença a grups de l'usuari." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +#, fuzzy +#| msgid "ipa_host_search_base (string)" +msgid "ldap_host_search_base (string)" +msgstr "ipa_host_search_base (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "Per defecte: el valor de <emphasis>ldap_search_base</emphasis>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +#, fuzzy +#| msgid "ldap_user_ssh_public_key (string)" +msgid "ldap_host_ssh_public_key (string)" +msgstr "ldap_user_ssh_public_key (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the path to the user's default shell." +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "L'atribut LDAP que conté el camí al shell per defecte de l'usuari." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +#, fuzzy +#| msgid "ldap_user_uuid (string)" +msgid "ldap_host_uuid (string)" +msgstr "ldap_user_uuid (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of the user's home directory." +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "L'atribut LDAP que conté el nom del directori inicial de l'usuari." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "ldap_service_object_class (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "ldap_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "ldap_service_port (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "Per defecte: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "Per defecte: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5565,7 +5780,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5573,12 +5788,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5586,12 +5801,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5608,12 +5823,12 @@ msgstr "" "manvolnum></citerefentry> retorna en cas de cap activitat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5622,12 +5837,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5636,34 +5851,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "Per defecte: 900 (15 minuts)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "Per defecte: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5671,14 +5886,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5686,17 +5901,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5706,12 +5921,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5719,17 +5934,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5737,13 +5952,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5752,7 +5967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5760,12 +5975,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -5775,7 +5990,7 @@ msgstr "" "valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5784,7 +5999,7 @@ msgstr "" "certificat del servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5796,7 +6011,7 @@ msgstr "" "normalment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5807,7 +6022,7 @@ msgstr "" "proporciona un certificat dolent, immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5818,22 +6033,22 @@ msgstr "" "immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "Per defecte: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -5842,7 +6057,7 @@ msgstr "" "Certificació que reconeixerà l'<command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -5851,12 +6066,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5870,32 +6085,32 @@ msgstr "" "correctes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5903,12 +6118,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -5917,12 +6132,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> per a protegir el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5930,17 +6145,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5951,17 +6166,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -5970,12 +6185,12 @@ msgstr "" "i suportat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5984,17 +6199,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6002,51 +6217,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "Per defecte: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "Per defecte: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Especifica el fitxer keytab a utilitzar quan s'utilitza SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Per defecte: Fitxer keytab de sistema, normalment <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6057,27 +6272,27 @@ msgstr "" "seleccionat és GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Especifica el temps de vida en segons de la TGT si s'utilitza GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "Per defecte: 86400 (24 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6089,7 +6304,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6100,7 +6315,7 @@ msgstr "" "retorna a _tcp si no se'n troba cap." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6112,41 +6327,41 @@ msgstr "" "<quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Especifica l'àmbit KERBEROS (per a l'autenticació SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Per defecte: Paràmetres predeterminats del sistema, vegeu <filename>/etc/" "krb5.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6156,7 +6371,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6164,12 +6379,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6178,7 +6393,7 @@ msgstr "" "costat del client. S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6187,7 +6402,7 @@ msgstr "" "opció no inhabilita les polítiques de contrasenya de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6195,7 +6410,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6207,25 +6422,25 @@ msgstr "" "contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguiment automàtic del referenciador s'hauria d'habilitar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6234,7 +6449,7 @@ msgstr "" "quan es compila amb la versió 2.4.13 o superiors d'OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6243,29 +6458,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nom de servei per utilitzar quan està habilitada la detecció " "de serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "Per defecte: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6275,30 +6490,30 @@ msgstr "" "dels serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Defecte: no definit, és a dir, el descobriment de serveis està inhabilitat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6314,12 +6529,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "Exemple:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6328,14 +6543,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6344,17 +6559,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "Per defecte: Buit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6363,7 +6578,7 @@ msgstr "" "d'atributs de control d'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6375,12 +6590,12 @@ msgstr "" "contrasenya és correcta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6389,7 +6604,7 @@ msgstr "" "determinar si el compte ha caducat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6398,7 +6613,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6406,7 +6621,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6415,7 +6630,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6423,24 +6638,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Llista separada per comes d'opcions de control d'accés. Els valors permesos " "són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: utilitza ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6450,14 +6665,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6470,12 +6685,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6485,7 +6700,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6495,20 +6710,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -6517,12 +6732,12 @@ msgstr "" "authorizedService per determinar l'accés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 #, fuzzy #| msgid "" #| "<emphasis>authorized_service</emphasis>: use the authorizedService " @@ -6535,19 +6750,19 @@ msgstr "" "authorizedService per determinar l'accés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "Per defecte: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -6556,12 +6771,12 @@ msgstr "" "s'utilitza més d'una vegada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6570,22 +6785,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple: cn=ppolicy,ou=policies,dc=exemple,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Per defecte: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -6594,13 +6809,13 @@ msgstr "" "es fa una cerca. S'admeten les opcions següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: les referències dels àlies mai són eliminades." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -6610,7 +6825,7 @@ msgstr "" "de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -6619,7 +6834,7 @@ msgstr "" "només en localitzar l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -6628,7 +6843,7 @@ msgstr "" "en la recerca i en la localització de l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -6637,19 +6852,19 @@ msgstr "" "biblioteques de client LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6660,7 +6875,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6668,26 +6883,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "wildcard_limit (integer)" msgstr "ldap_opt_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6708,12 +6923,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "OPCIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6721,208 +6936,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "Per defecte: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "Per defecte: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "Per defecte: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "Per defecte: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "Per defecte: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "Per defecte: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "Per defecte: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "Per defecte: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "Per defecte: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "Per defecte: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "Per defecte: 21600 (6 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6930,101 +7145,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7033,111 +7248,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "OPCIONS D'AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "Per defecte: auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7146,32 +7361,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "OPCIONS AVANÇADES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7180,22 +7395,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7204,14 +7419,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7222,7 +7437,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7235,27 +7450,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7271,13 +7486,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7764,7 +7979,7 @@ msgstr "" "s'avaluen els grups locals." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -8634,7 +8849,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8736,18 +8951,26 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "ipa_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." @@ -8756,12 +8979,12 @@ msgstr "" "s'utilitza el nom de domini de la configuració." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "ipa_server, ipa_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8771,12 +8994,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "ipa_hostname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 #, fuzzy #| msgid "" #| "Optional. May be set on machines where the hostname(5) does not reflect " @@ -8790,12 +9013,12 @@ msgstr "" "complet utilitzat en el domini d'IPA per identificar aquest amfitrió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8805,14 +9028,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8820,12 +9043,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8833,7 +9056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8841,17 +9064,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "dyndns_iface (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8860,7 +9083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8868,24 +9091,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8893,22 +9116,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8920,12 +9143,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8933,232 +9156,219 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "Per defecte: False (inhabilitat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 #, fuzzy #| msgid "ipa_views_search_base (string)" msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_views_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "Per defecte: Utilitza el DN base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "Per defecte: el valor de <emphasis>ldap_search_base</emphasis>" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "ipa_views_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 #, fuzzy #| msgid "ipa_hbac_refresh (integer)" msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_hbac_refresh (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -9166,38 +9376,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "Per defecte: 5 (segons)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 #, fuzzy #| msgid "ldap_sudo_full_refresh_interval (integer)" msgid "ipa_deskprofile_request_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: 900 (15 minutes)" msgid "Default: 60 (minutes)" msgstr "Per defecte: 900 (15 minuts)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -9205,12 +9415,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -9218,192 +9428,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "ipa_view_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "Per defecte: nsContainer" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "ipa_view_name (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "Per defecte: ipaOverrideAnchor" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "ipa_anchor_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "Per defecte: ipaAnchorUUID" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "ipa_user_override_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "ldap_user_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "ldap_user_uid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "ldap_user_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "ldap_user_gecos" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "ldap_user_home_directory" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "ldap_user_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "ldap_user_ssh_public_key" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "Per defecte: ipaUserOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "ipa_group_override_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "ldap_group_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "ldap_group_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "Per defecte: ipaGroupOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -9413,19 +9645,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "PROVEÏDOR DELS SUBDOMINIS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -9433,7 +9665,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -9445,7 +9677,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9457,7 +9689,7 @@ msgstr "" "específiques del proveïdor IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -9497,7 +9729,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -9545,8 +9777,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -9556,20 +9796,25 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -9577,38 +9822,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "ad_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -9616,7 +9861,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -9624,7 +9869,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -9632,19 +9877,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "ad_server, ad_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -9652,26 +9897,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "ad_hostname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -9679,19 +9924,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9702,12 +9947,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "ad_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9716,7 +9961,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9725,7 +9970,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9734,14 +9979,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9754,7 +9999,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9763,7 +10008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9781,24 +10026,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "ad_site (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "ad_enable_gc (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9807,7 +10052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9816,12 +10061,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "ad_gpo_access_control (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9831,14 +10076,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9851,23 +10104,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9875,22 +10128,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "Per defecte: permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "Per defecte: enforcing" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9898,12 +10151,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9911,14 +10164,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9928,7 +10181,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9940,78 +10193,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "gdm-fingerprint" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10019,7 +10272,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10027,7 +10280,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10037,7 +10290,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10049,22 +10302,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "sshd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10072,7 +10325,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10080,7 +10333,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10090,7 +10343,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10102,22 +10355,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "ftp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "samba" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10125,14 +10378,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10142,7 +10395,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10154,17 +10407,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "crond" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10172,14 +10425,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10189,7 +10442,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10200,19 +10453,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10222,7 +10475,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10234,39 +10487,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "systemd-user" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10276,12 +10529,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10294,57 +10547,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10352,17 +10605,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10372,12 +10625,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10388,19 +10641,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "Per defecte: 3600 (segons)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10410,12 +10663,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Per defecte: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10423,7 +10676,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10447,7 +10700,7 @@ msgstr "" "ad_domain = exemple.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10459,7 +10712,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10467,7 +10720,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10477,7 +10730,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10821,33 +11074,90 @@ msgstr "" "sssd</filename> i hi ha fitxers dels registres que se separen per a cadascun " "dels serveis i dels dominis de l'SSSD." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:101 +#, fuzzy +#| msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" +"<emphasis>1</emphasis>: Afegeix una marca temporal als registres de depuració" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +#, fuzzy +#| msgid "" +#| "Send the debug output to files instead of stderr. By default, the log " +#| "files are stored in <filename>/var/log/sssd</filename> and there are " +#| "separate log files for every SSSD service and domain." +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" +"Envia la sortida de depuració als fitxers en comptes de l'stderr. Per " +"defecte, els fitxers dels registres s'emmagatzemen a <filename>/var/log/" +"sssd</filename> i hi ha fitxers dels registres que se separen per a cadascun " +"dels serveis i dels dominis de l'SSSD." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" +"<emphasis>1</emphasis>: Afegeix una marca temporal als registres de depuració" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "Esdevé un dimoni després de la posada en marxa." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "Executa en primer pla, no esdevinguis un dimoni." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10861,27 +11171,27 @@ msgstr "" "manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "Imprimeix el número de la versió i surt." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "Senyals" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "SIGTERM/SIGINT" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." @@ -10890,12 +11200,12 @@ msgstr "" "després atura el monitor." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "SIGHUP" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10906,12 +11216,12 @@ msgstr "" "dels registres amb programes com logrotate." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10923,12 +11233,12 @@ msgstr "" "pot enviar directament al procés sssd o sssd_be." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10938,7 +11248,7 @@ msgstr "" "El senyal es pot enviar directament al procés sssd o sssd_be." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -13563,7 +13873,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" @@ -16199,6 +16509,13 @@ msgstr "" msgid "ldap_group_external_member = ipaExternalMember" msgstr "" +#~ msgid "" +#~ "Determines if a domain can be enumerated. This parameter can have one of " +#~ "the following values:" +#~ msgstr "" +#~ "Determina si un domini pot ser enumerat. Aquest paràmetre pot tenir un " +#~ "dels valors següents:" + #~ msgid "" #~ "<command>sss_debuglevel</command> changes debug level of SSSD monitor and " #~ "providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " diff --git a/src/man/po/cs.po b/src/man/po/cs.po index 43ac0c14ae9..7029a1161d8 100644 --- a/src/man/po/cs.po +++ b/src/man/po/cs.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2017-09-11 08:53-0400\n" "Last-Translator: Zdenek <chmelarz@gmail.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/sssd/language/" @@ -296,9 +296,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -317,16 +317,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -351,8 +351,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -367,7 +367,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "" @@ -393,7 +393,7 @@ msgstr "" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -447,7 +447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "" @@ -467,12 +467,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -480,39 +480,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -636,12 +636,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -828,8 +829,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -905,7 +906,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "" @@ -960,12 +961,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "" @@ -1043,7 +1044,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "" @@ -1061,7 +1062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "" @@ -1078,7 +1079,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1148,7 +1149,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1282,12 +1283,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1302,23 +1303,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1329,96 +1337,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1426,59 +1434,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1487,61 +1495,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1549,7 +1557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1558,17 +1566,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1576,26 +1584,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1605,74 +1613,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1680,19 +1688,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1700,12 +1708,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1713,58 +1721,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1775,24 +1783,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1802,22 +1810,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1825,68 +1833,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1897,7 +1905,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1908,24 +1916,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1933,12 +1941,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1947,24 +1955,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -1974,66 +1982,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2041,17 +2049,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2059,7 +2067,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2067,22 +2075,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2091,14 +2099,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2107,38 +2115,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2147,46 +2155,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2194,18 +2211,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2214,39 +2233,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2255,19 +2274,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2278,151 +2297,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2430,24 +2449,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2456,17 +2475,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2475,33 +2494,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2509,8 +2528,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2519,8 +2538,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2528,19 +2547,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2549,7 +2568,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2557,22 +2576,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2584,7 +2603,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2592,19 +2611,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2612,7 +2631,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2620,30 +2639,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2651,19 +2670,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2672,7 +2691,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2680,29 +2699,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2710,7 +2729,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2718,35 +2737,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2754,32 +2773,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2789,13 +2808,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2803,7 +2831,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2811,31 +2839,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2843,7 +2871,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2852,17 +2880,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2870,36 +2898,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2907,7 +2942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2915,7 +2950,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2923,24 +2958,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2948,12 +2983,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2963,7 +2998,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2973,29 +3008,29 @@ msgstr "" # auto translated by TM merge from project: Fedora Websites, version: fedorahosted.org, DocId: po/fedorahosted #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3003,7 +3038,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3011,66 +3046,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3079,77 +3114,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3157,7 +3192,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3165,17 +3200,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3183,34 +3218,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3218,32 +3253,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3253,34 +3288,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3288,20 +3323,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +msgid "auto_private_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3309,29 +3380,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3339,12 +3410,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3353,12 +3424,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3366,19 +3437,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3395,7 +3466,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3403,17 +3474,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3422,7 +3493,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3432,7 +3503,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3452,12 +3523,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3465,73 +3536,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3539,17 +3610,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3558,17 +3629,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3576,17 +3647,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3594,17 +3665,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3615,64 +3686,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3702,7 +3773,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3711,7 +3782,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3719,7 +3790,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3767,7 +3838,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -3868,7 +3939,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4070,7 +4141,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4148,7 +4219,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4167,7 +4238,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4177,14 +4248,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "" @@ -4516,7 +4587,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4579,8 +4650,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" @@ -4595,7 +4666,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4725,105 +4796,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4831,34 +4912,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4866,7 +4947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4876,7 +4957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4886,17 +4967,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4904,14 +4985,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4919,7 +5000,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4928,12 +5009,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4941,168 +5022,268 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" +#: sssd-ldap.5.xml:1216 +msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +msgid "ldap_host_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +msgid "ldap_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +msgid "Default: fqdn" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_host_serverhostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +msgid "Default: serverHostname" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +msgid "ldap_host_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +msgid "ldap_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +msgid "ldap_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +msgid "ldap_host_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5110,7 +5291,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5118,12 +5299,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5131,12 +5312,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5147,12 +5328,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5161,12 +5342,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5175,34 +5356,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5210,14 +5391,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5225,17 +5406,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5245,12 +5426,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5258,17 +5439,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5276,13 +5457,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5291,7 +5472,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5299,26 +5480,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5326,7 +5507,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5334,7 +5515,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5342,41 +5523,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5385,32 +5566,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5418,24 +5599,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5443,17 +5624,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5464,29 +5645,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5495,17 +5676,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5513,49 +5694,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5563,27 +5744,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5595,7 +5776,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5603,7 +5784,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5611,39 +5792,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5653,7 +5834,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5661,26 +5842,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5688,7 +5869,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5696,31 +5877,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5729,56 +5910,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5794,12 +5975,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5808,14 +5989,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5824,24 +6005,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5849,19 +6030,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5870,7 +6051,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5878,7 +6059,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5887,7 +6068,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5895,22 +6076,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5920,14 +6101,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5940,12 +6121,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5955,7 +6136,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5965,63 +6146,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6030,74 +6211,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6108,7 +6289,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6116,24 +6297,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6148,12 +6329,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6161,208 +6342,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6370,101 +6551,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6473,111 +6654,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6586,32 +6767,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6620,22 +6801,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6644,14 +6825,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6659,7 +6840,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6672,27 +6853,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6708,13 +6889,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7120,7 +7301,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -7970,7 +8151,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8061,30 +8242,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8094,12 +8283,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8107,12 +8296,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8122,14 +8311,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8137,12 +8326,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8150,7 +8339,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8158,17 +8347,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8177,7 +8366,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8185,24 +8374,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8210,22 +8399,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8237,12 +8426,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8250,228 +8439,215 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8479,34 +8655,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -8514,12 +8690,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8527,192 +8703,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8722,19 +8920,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8742,7 +8940,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8754,7 +8952,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8762,7 +8960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8798,7 +8996,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8846,8 +9044,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8855,20 +9061,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -8876,38 +9087,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -8915,7 +9126,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -8923,7 +9134,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -8931,19 +9142,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -8951,26 +9162,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -8978,19 +9189,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9001,12 +9212,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9015,7 +9226,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9024,7 +9235,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9033,14 +9244,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9053,7 +9264,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9062,7 +9273,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9080,24 +9291,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9106,7 +9317,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9115,12 +9326,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9130,14 +9341,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9150,23 +9369,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9174,22 +9393,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9197,12 +9416,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9210,14 +9429,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9225,7 +9444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9237,78 +9456,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9316,7 +9535,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9324,7 +9543,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9332,7 +9551,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9344,22 +9563,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9367,7 +9586,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9375,7 +9594,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9383,7 +9602,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9395,22 +9614,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9418,14 +9637,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9433,7 +9652,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9445,17 +9664,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9463,14 +9682,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9478,7 +9697,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9489,19 +9708,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9509,7 +9728,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9521,39 +9740,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9561,12 +9780,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9579,57 +9798,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9637,17 +9856,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9657,12 +9876,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9673,19 +9892,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9695,12 +9914,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9708,7 +9927,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9723,7 +9942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9732,7 +9951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9740,7 +9959,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9750,7 +9969,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10060,33 +10279,73 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:101 +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10095,39 +10354,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10135,12 +10394,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10149,12 +10408,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10162,7 +10421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12525,7 +12784,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" diff --git a/src/man/po/de.po b/src/man/po/de.po index 99520311df9..3d1d87a0244 100644 --- a/src/man/po/de.po +++ b/src/man/po/de.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2014-12-14 11:53-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: German (http://www.transifex.com/projects/p/sssd/language/" @@ -325,9 +325,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Voreinstellung: »true«" @@ -346,16 +346,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Voreinstellung: »false«" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -380,8 +380,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Voreinstellung: 10" @@ -396,7 +396,7 @@ msgid "The [sssd] section" msgstr "Der Abschnitt [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "Abschnittsparameter" @@ -424,7 +424,7 @@ msgstr "Dienste" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -485,7 +485,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "re_expression (Zeichenkette)" @@ -508,12 +508,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "full_name_format (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -525,32 +525,32 @@ msgstr "" "zusammengestellt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "Domain-Name, wie er durch die SSSD-Konfigurationsdatei angegeben wird" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -559,7 +559,7 @@ msgstr "" "direkt konfiguriert als auch über IPA-Trust" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -713,12 +713,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "Voreinstellung: nicht gesetzt" @@ -905,8 +906,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "Voreinstellung: Nicht gesetzt" @@ -998,7 +999,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "Voreinstellung: 60" @@ -1053,12 +1054,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "Voreinstellung: 300" @@ -1155,7 +1156,7 @@ msgstr "" "Sekunden senken. (0 schaltet diese Funktionalität aus.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "Voreinstellung: 50" @@ -1177,7 +1178,7 @@ msgstr "" "Backend erneut gefragt wird)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "Voreinstellung: 15" @@ -1194,7 +1195,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "Voreinstellung: 0" @@ -1272,7 +1273,7 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Beispiel: <placeholder type=\"programlisting\" id=\"0\"/>" @@ -1431,12 +1432,12 @@ msgstr "" "Vernünftiges, üblicherweise /bin/sh, ersetzt.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1453,23 +1454,30 @@ msgstr "memcache_timeout (Ganzzahl)" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1480,48 +1488,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Diese Option kann auch pro Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "PAM-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1530,12 +1538,12 @@ msgstr "" "Authentication Module« (PAM) einzurichten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1545,17 +1553,17 @@ msgstr "" "erfolgreichen Anmeldung)?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "Voreinstellung: 0 (unbegrenzt)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1564,12 +1572,12 @@ msgstr "" "Authentifizierungsanbieter offline ist?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1579,7 +1587,7 @@ msgstr "" "Anmeldeversuch möglich ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1591,17 +1599,17 @@ msgstr "" "Authentifizierung reaktivieren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "Voreinstellung: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1610,43 +1618,43 @@ msgstr "" "angezeigt werden. Je höher die Zahl, desto mehr Nachrichten werden angezeigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "Derzeit unterstützt SSSD folgende Werte:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: keine Nachricht anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: nur wichtige Nachrichten anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: nur informative Nachrichten anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: alle Nachrichten und Debug-Informationen anzeigen" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "Voreinstellung: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1655,61 +1663,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1721,7 +1729,7 @@ msgstr "" "den neusten Informationen erfolgt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1735,17 +1743,17 @@ msgstr "" "viele Abfragen der Identitätsanbieter zu vermeiden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "zeigt N Tage vor Ablauf des Passworts eine Warnung an." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1756,7 +1764,7 @@ msgstr "" "SSSD keine Warnung anzeigen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1766,7 +1774,7 @@ msgstr "" "automatisch angezeigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1775,12 +1783,12 @@ msgstr "" "emphasis> für eine bestimmte Domain außer Kraft gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1790,74 +1798,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "Voreinstellung: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1865,19 +1873,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1885,12 +1893,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1898,58 +1906,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Voreinstellung: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "Sudo-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1967,12 +1975,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "sudo_timed (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1982,14 +1990,14 @@ msgstr "" "nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "sudo_threshold (integer)" msgstr "ldap_deref_threshold (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1999,23 +2007,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "AUTOFS-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" "Diese Optionen können zum Konfigurieren des Dienstes »autofs« benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2026,23 +2034,23 @@ msgstr "" "nicht existierende), bevor das Backend erneut befragt wird." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "SSH-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" "Diese Optionen können zum Konfigurieren des SSH-Dienstes benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2051,12 +2059,12 @@ msgstr "" "»known_hosts« zusammengemischt werden oder nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2065,34 +2073,34 @@ msgstr "" "»known_hosts« behalten wird, bevor seine Rechnerschlüssel abgefragt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "Voreinstellung: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "PAC-Responder-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2103,7 +2111,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2114,7 +2122,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2123,18 +2131,18 @@ msgstr "" "diesen Gruppen hinzugefügt." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" "Diese Optionen können zur Konfiguration des PAC-Responders verwendet werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2145,14 +2153,14 @@ msgstr "" "beim Starten zu UIDs aufgelöst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Voreinstellung: 0 (Nur dem Benutzer Root ist der Zugriff auf den PAC-" "Responder gestattet.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2165,26 +2173,26 @@ msgstr "" "der Liste der erlaubten UIDs auch die 0 hinzufügen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 #, fuzzy #| msgid "PAC responder configuration options" msgid "Session recording configuration options" msgstr "PAC-Responder-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 #, fuzzy #| msgid "" #| "This manual page describes the configuration of the AD provider for " @@ -2207,38 +2215,38 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 #, fuzzy #| msgid "These options can be used to configure any service." msgid "These options can be used to configure session recording." msgstr "Diese Optionen können zur Konfiguration jedes Dienstes benutzt werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 #, fuzzy #| msgid "sudo_provider (string)" msgid "scope (string)" msgstr "sudo_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 #, fuzzy #| msgid "none" msgid "\"none\"" msgstr "none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 #, fuzzy #| msgid "" #| "Append this user to groups specified by the <replaceable>GROUPS</" @@ -2254,17 +2262,17 @@ msgstr "" "von Gruppennamen." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder type=\"variablelist" @@ -2277,21 +2285,21 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: none" msgid "Default: \"none\"" msgstr "Voreinstellung: none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 #, fuzzy #| msgid "skel_dir (string)" msgid "users (string)" msgstr "skel_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2299,21 +2307,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. Matches no users." msgstr "Voreinstellung: leer, d.h., dass »ldap_uri« benutzt wird" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 #, fuzzy #| msgid "ldap_group_name (string)" msgid "groups (string)" msgstr "ldap_group_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2321,7 +2329,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2329,22 +2337,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "DOMAIN-ABSCHNITTE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2353,14 +2361,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2369,31 +2377,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2402,7 +2410,7 @@ msgstr "" "enthält, der jenseits dieser Beschränkungen liegt, wird er ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2415,7 +2423,7 @@ msgstr "" "werden jene, die im Bereich liegen, wie erwartet gemeldet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2424,41 +2432,57 @@ msgstr "" "den Zwischenspeicher und nicht nur ihre Rückgabe über Name oder ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Voreinstellung: 1 für »min_id«, 0 (keine Beschränkung) für »max_id«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "enumerate (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" -"bestimmt, ob eine Domain aufgezählt werden kann. Dieser Parameter kann einen " -"der folgenden Werte haben:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Benutzer und Gruppen werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = keine Aufzählungen für diese Domain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "Voreinstellung: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 +#, fuzzy +#| msgid "" +#| "Note: Enabling enumeration has a moderate performance impact on SSSD " +#| "while enumeration is running. It may take up to several minutes after " +#| "SSSD startup to fully complete enumerations. During this time, " +#| "individual requests for information will go directly to LDAP, though it " +#| "may be slow, due to the heavy enumeration processing. Saving a large " +#| "number of entries to cache after the enumeration completes might also be " +#| "CPU intensive as the memberships have to be recomputed." msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2466,7 +2490,9 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" "Hinweis: Aktivieren der Aufzählung hat mäßige Auswirkungen auf die Leistung " "von SSSD, während die Aufzählung läuft. Das Vervollständigen der " @@ -2478,7 +2504,7 @@ msgstr "" "die Mitgliedschaften neu berechnet werden müssen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2488,7 +2514,7 @@ msgstr "" "Ergebnisse zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2503,7 +2529,7 @@ msgstr "" "benutzten »id_provider«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2512,32 +2538,32 @@ msgstr "" "insbesondere in großen Umgebungen, nicht empfohlen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "Alle entdeckten vertrauenswürdigen Domains werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "Keine der entdeckten vertrauenswürdigen Domains wird aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2551,12 +2577,12 @@ msgstr "" "Domains aktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2565,7 +2591,7 @@ msgstr "" "soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2583,17 +2609,17 @@ msgstr "" "wurden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "Voreinstellung: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2602,19 +2628,19 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "Voreinstellung: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2623,12 +2649,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2637,12 +2663,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2651,12 +2677,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -2665,12 +2691,12 @@ msgstr "" "bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -2680,24 +2706,24 @@ msgstr "" "wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -2707,49 +2733,49 @@ msgstr "" "abgelaufenen oder beinahe abgelaufenen Daten aktualisiert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Sie können in Betracht ziehen, diesen Wert auf 3/4 * entry_cache_timeout zu " "setzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Voreinstellung: 0 (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "cache_credentials (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "bestimmt, ob auch Benutzerberechtigungen im lokalen LDB-Zwischenspeicher " "zwischengespeichert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Benutzerberechtigungen werden in einem SHA512-Hash, nicht im Klartext " "gespeichert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2757,24 +2783,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2787,17 +2813,17 @@ msgstr "" "Parameters muss größer oder gleich »offline_credentials_expiration« sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "Voreinstellung: 0 (unbegrenzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2810,17 +2836,17 @@ msgstr "" "Authentifizierungsanbieter konfiguriert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Voreinstellung: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "id_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -2828,17 +2854,17 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "»proxy«: unterstützt einen veralteten NSS-Anbieter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "»local«: SSSDs interner Anbieter für lokale Benutzer" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2849,8 +2875,8 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2863,8 +2889,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2876,12 +2902,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -2891,7 +2917,7 @@ msgstr "" "Benutzers, der an NSS gemeldet wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2905,7 +2931,7 @@ msgstr "" "test@LOCAL</command> würde ihn hingegen finden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2917,22 +2943,22 @@ msgstr "" "nicht voll qualifizierter Name angefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "gibt beim Nachschlagen der Gruppe nicht die Gruppenmitglieder zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2944,7 +2970,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2952,12 +2978,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "auth_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -2966,7 +2992,7 @@ msgstr "" "Authentifizierungsanbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2977,7 +3003,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2989,19 +3015,19 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Authentifizierung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "»none« deaktiviert explizit die Authentifizierung." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3010,12 +3036,12 @@ msgstr "" "mit Authentifizierungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "access_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3026,7 +3052,7 @@ msgstr "" "Backends enthalten sind). Interne Spezialanbieter sind:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3035,12 +3061,12 @@ msgstr "" "für eine lokale Domain." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "»deny« verweigert dem Zugriff immer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3053,7 +3079,7 @@ msgstr "" "simple</refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3061,22 +3087,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "Voreinstellung: »permit«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "chpass_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3085,7 +3111,7 @@ msgstr "" "Folgende Anbieter von Passwortänderungen werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3093,7 +3119,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3105,19 +3131,19 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Passwortänderung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "»none« verbietet explizit Passwortänderungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3126,19 +3152,19 @@ msgstr "" "kann mit Passwortänderungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "sudo_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "der für diese Domain benutzte Sudo-Anbieter. Folgende Sudo-Anbieter werden " "unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3149,7 +3175,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3158,7 +3184,7 @@ msgstr "" "Vorgabeeinstellungen für IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3167,19 +3193,19 @@ msgstr "" "Vorgabeeinstellungen für AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "»none« deaktiviert explizit Sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Voreinstellung: Falls gesetzt, wird der Wert von »id_provider« benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3195,13 +3221,22 @@ msgstr "" "»ldap_sudo_*« in <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "selinux_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3212,7 +3247,7 @@ msgstr "" "Zugriffsanbieter beendet hat. Folgende SELinux-Anbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3224,12 +3259,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "»none« verbietet explizit das Abholen von SELinux-Einstellungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3238,12 +3273,12 @@ msgstr "" "kann SELinux-Ladeanfragen handhaben." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "subdomains_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3253,7 +3288,7 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3265,7 +3300,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3274,19 +3309,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "»none« deaktiviert explizit das Abholen von Subdomains." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 #, fuzzy #| msgid "selinux_provider (string)" msgid "session_provider (string)" msgstr "selinux_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3294,18 +3329,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 #, fuzzy #| msgid "" #| "Default: <quote>id_provider</quote> is used if it is set and can handle " @@ -3317,13 +3352,20 @@ msgstr "" "Voreinstellung: Falls gesetzt, wird der Wert von »id_provider« benutzt. Er " "kann SELinux-Ladeanfragen handhaben." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "autofs_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3331,7 +3373,7 @@ msgstr "" "»autofs« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3343,7 +3385,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3355,7 +3397,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3363,17 +3405,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "»none« deaktiviert explizit »autofs«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "hostid_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3382,7 +3424,7 @@ msgstr "" "wird. Folgende Anbieter von »hostid« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3394,12 +3436,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "»none« deaktiviert explizit »hostid«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3414,7 +3456,7 @@ msgstr "" "(NetBIOS-) Namen der Domain entsprechen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3426,22 +3468,22 @@ msgstr "" "P<Name>[^@\\\\]+)$))« " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "Benutzername@Domain.Name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "Domain\\Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3451,7 +3493,7 @@ msgstr "" "Windows-Domains zu ermöglichen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3461,7 +3503,7 @@ msgstr "" "bedeutet »der Name ist alles bis zum »@«-Zeichen, die Domain alles danach«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3473,7 +3515,7 @@ msgstr "" "eindeutig benannte Musterteile unterstützen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -3482,17 +3524,17 @@ msgstr "" "Beschriftungsmusterteile nur die Python-Syntax (?P<Name>)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Voreinstellung: »%1$s@%2$s«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "lookup_family_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3500,46 +3542,46 @@ msgstr "" "ermöglicht es, die bei DNS-Abfragen zu bevorzugende Adressfamilie zu wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "unterstützte Werte:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: versucht die IPv4- und, falls dies fehlschlägt, die IPv6-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: versucht, nur Rechnernamen zu IPv4-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: versucht die IPv6- und, falls dies fehlschlägt, die IPv4-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: versucht, nur Rechnernamen zu IPv6-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "Voreinstellung: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 #, fuzzy #| msgid "" #| "Defines the amount of time (in seconds) to wait for a reply from the DNS " @@ -3557,25 +3599,25 @@ msgstr "" "Offline-Modus arbeiten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Voreinstellung: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3584,52 +3626,52 @@ msgstr "" "DNS-Dienstabfrage an." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "Voreinstellung: Der Domain-Teil des Rechnernamens wird benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "override_gid (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "überschreibt die Haupt-GID mit der angegebenen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3637,7 +3679,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3645,17 +3687,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3663,34 +3705,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3698,32 +3740,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "flacher (NetBIOS-) Name einer Subdomain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3738,7 +3780,7 @@ msgstr "" "verwendet werden. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -3746,17 +3788,17 @@ msgstr "" "überschrieben werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Voreinstellung: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "realmd_tags (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -3764,12 +3806,12 @@ msgstr "" "Kennzeichnungen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3777,20 +3819,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +#, fuzzy +#| msgid "autofs_provider (string)" +msgid "auto_private_groups (string)" +msgstr "autofs_provider (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3802,17 +3882,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "das Proxy-Ziel, an das PAM weiterleitet" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3822,12 +3902,12 @@ msgstr "" "hinzufügen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3838,12 +3918,12 @@ msgstr "" "$(libName)_$(function)«, zum Beispiel »_nss_files_getpwent«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3857,12 +3937,12 @@ msgstr "" "veranlassen, die ID im Zwischenspeicher nachzuschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3870,7 +3950,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -3879,12 +3959,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3901,7 +3981,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3909,17 +3989,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3928,7 +4008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3938,7 +4018,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3958,12 +4038,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "Der Abschnitt lokale Domain" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3974,29 +4054,29 @@ msgstr "" "<replaceable>ID_Anbieter=lokal</replaceable> benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "default_shell (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "die Standard-Shell für Anwender, die mit den SSSD-Werkzeugen für den " "Benutzerbereich erstellt wurde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "Voreinstellung: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "base_directory (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4005,17 +4085,17 @@ msgstr "" "replaceable> und benutzen dies als Home-Verzeichnis." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "Voreinstellung: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "create_homedir (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4024,17 +4104,17 @@ msgstr "" "werden soll; kann auf der Befehlszeile überschrieben werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "Voreinstellung: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "remove_homedir (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4043,12 +4123,12 @@ msgstr "" "entfernt werden soll; kann auf der Befehlszeile überschrieben werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "homedir_umask (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4059,17 +4139,17 @@ msgstr "" "Standardzugriffsrechte für ein neu erstelltes Home-Verzeichnis anzugeben." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "Voreinstellung: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "skel_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4082,17 +4162,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry> erstellt wird" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "Voreinstellung: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "mail_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4103,17 +4183,17 @@ msgstr "" "wurde. Ist dies nicht angegeben wird ein Standardwert verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "Voreinstellung: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "userdel_cmd (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4125,17 +4205,17 @@ msgstr "" "berücksichtigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "Voreinstellung: keine, es wird kein Befehl ausgeführt" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4146,64 +4226,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -4257,7 +4337,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 #, fuzzy #| msgid "" #| "The following example shows a typical SSSD config. It does not describe " @@ -4276,7 +4356,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4284,7 +4364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4346,7 +4426,7 @@ msgstr "" "unter »ldap_access_filter«." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -4470,7 +4550,7 @@ msgstr "" "rfc/rfc2254.txt spezifiziert, sein." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Beispiele:" @@ -4700,7 +4780,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "das LDAP-Attribut, das zu der Hauptgruppen-ID des Benutzers gehört" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "Voreinstellung: gidNumber" @@ -4781,7 +4861,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4802,7 +4882,7 @@ msgstr "" "Dies wird normalerweise nur für Active-Directory-Server benötigt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4812,7 +4892,7 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -4821,7 +4901,7 @@ msgstr "" "übergeordneten Objekt enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "Voreinstellung: modifyTimestamp" @@ -5217,7 +5297,7 @@ msgstr "" "das LDAP-Attribut, das die öffentlichen SSH-Schlüssel des Benutzers enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -5289,8 +5369,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "das LDAP-Attribut, das dem vollständigen Benutzernamen entspricht" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Voreinstellung: cn" @@ -5306,7 +5386,7 @@ msgstr "" "das LDAP-Attribut, das die Gruppenmitgliedschaften des Benutzers aufführt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "Voreinstellung: memberOf" @@ -5480,81 +5560,91 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "die Objektklasse eines Gruppeneintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "Voreinstellung: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "ldap_group_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "das LDAP-Attribut, das dem Gruppennamen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "das LDAP-Attribut, das der Gruppen-ID entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "ldap_group_member (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "das LDAP-Attribut, das die Namen der Gruppenmitglieder enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Voreinstellung: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -5563,17 +5653,17 @@ msgstr "" "wird normalerweise nur für Active-Directory-Server benötigt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." @@ -5582,7 +5672,7 @@ msgstr "" "eventuell weitere Flags enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5593,34 +5683,34 @@ msgstr "" "Domains herausgefiltert werden sollte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5632,7 +5722,7 @@ msgstr "" "das Schema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5649,7 +5739,7 @@ msgstr "" "erfolgt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5659,17 +5749,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "Voreinstellung: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5681,7 +5771,7 @@ msgstr "" "beschleunigen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." @@ -5691,7 +5781,7 @@ msgstr "" "Leistungssteigerung." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5702,7 +5792,7 @@ msgstr "" "»True« eigentlich »auto-detect«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5715,12 +5805,12 @@ msgstr "" "aa746475%28v=vs.85%29.aspx\"> MSDN™-Dokumentation</ulink>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5732,7 +5822,7 @@ msgstr "" "verschachtelten Gruppen)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -5742,76 +5832,76 @@ msgstr "" "und neuere Versionen ausgeführt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "die Objektklasse eines Netzgruppeneintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_object_class« benutzt " "werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "Voreinstellung: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "das LDAP-Attribut, das dem Netzgruppennamen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_name« benutzt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "das LDAP-Attribut, das die Namen der Netzgruppenmitglieder enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_member« benutzt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "Voreinstellung: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -5819,42 +5909,180 @@ msgstr "" "enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "Diese Option ist für IPA-Anbieter nicht verfügbar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "Voreinstellung: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" -msgstr "ldap_service_object_class (Zeichenkette)" +#: sssd-ldap.5.xml:1216 +#, fuzzy +#| msgid "ldap_user_object_class (string)" +msgid "ldap_host_object_class (string)" +msgstr "ldap_user_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." -msgstr "die Objektklasse eines Diensteintrags in LDAP" +#: sssd-ldap.5.xml:1219 +#, fuzzy +#| msgid "The object class of a user entry in LDAP." +msgid "The object class of a host entry in LDAP." +msgstr "die Objektklasse eines Benutzereintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "Voreinstellung: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +#, fuzzy +#| msgid "ad_hostname (string)" +msgid "ldap_host_name (string)" +msgstr "ad_hostname (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the group name." +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "das LDAP-Attribut, das dem Gruppennamen entspricht" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +#, fuzzy +#| msgid "ldap_sudo_hostnames (string)" +msgid "ldap_host_fqdn (string)" +msgstr "ldap_sudo_hostnames (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the user's full name." +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "das LDAP-Attribut, das dem vollständigen Benutzernamen entspricht" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: fqdn" +msgstr "Voreinstellung: cn" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +#, fuzzy +#| msgid "ldap_dns_service_name (string)" +msgid "ldap_host_serverhostname (string)" +msgstr "ldap_dns_service_name (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: sudoHost" +msgid "Default: serverHostname" +msgstr "Voreinstellung: sudoHost" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +#, fuzzy +#| msgid "ldap_user_member_of (string)" +msgid "ldap_host_member_of (string)" +msgstr "ldap_user_member_of (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +#, fuzzy +#| msgid "The LDAP attribute that lists the user's group memberships." +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" +"das LDAP-Attribut, das die Gruppenmitgliedschaften des Benutzers aufführt" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +#, fuzzy +#| msgid "ipa_host_search_base (string)" +msgid "ldap_host_search_base (string)" +msgstr "ipa_host_search_base (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" +"optional, verwendet die angegebene Zeichenkette als Suchgrundlage für " +"Rechnerobjekte" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" +"Informationen über das Konfigurieren mehrerer Suchgrundlagen finden Sie " +"unter »ldap_search_base«." + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "Voreinstellung: der Wert von <emphasis>ldap_search_base</emphasis>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +#, fuzzy +#| msgid "ldap_user_ssh_public_key (string)" +msgid "ldap_host_ssh_public_key (string)" +msgstr "ldap_user_ssh_public_key (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +#, fuzzy +#| msgid "The LDAP attribute that contains the user's SSH public keys." +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" +"das LDAP-Attribut, das die öffentlichen SSH-Schlüssel des Benutzers enthält" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +#, fuzzy +#| msgid "ldap_sasl_authid (string)" +msgid "ldap_host_uuid (string)" +msgstr "ldap_sasl_authid (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +#, fuzzy +#| msgid "The LDAP attribute that contains the port managed by this service." +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "das LDAP-Attribut, das den von diesem Dienst verwalteten Port enthält" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "ldap_service_object_class (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "die Objektklasse eines Diensteintrags in LDAP" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "ldap_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -5862,49 +6090,49 @@ msgstr "" "das LDAP-Attribut, das die Namen von Dienstattributen und ihre Alias enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "ldap_service_port (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "das LDAP-Attribut, das den von diesem Dienst verwalteten Port enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "Voreinstellung: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" "das LDAP-Attribut, das die von diesem Dienst verstandenen Protokolle enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "Voreinstellung: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5915,7 +6143,7 @@ msgstr "" "Ergebnisse zurückgegeben werden (und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5926,12 +6154,12 @@ msgstr "" "Zeitüberschreitungspunkten für spezielle Nachschlagetypen ersetzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5943,12 +6171,12 @@ msgstr "" "(und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5965,12 +6193,12 @@ msgstr "" "citerefentry> zurückkehrt, falls keine Aktivität stattfindet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5979,12 +6207,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5998,17 +6226,17 @@ msgstr "" "Lebensdauer) verwendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "Voreinstellung: 900 (15 Minuten)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6018,17 +6246,17 @@ msgstr "" "pro Anfrage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "Voreinstellung: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6040,7 +6268,7 @@ msgstr "" "deaktiviert ist oder sich nicht ordnungsgemäß verhält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6050,7 +6278,7 @@ msgstr "" "aber nicht in der Lage, es zu benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6062,17 +6290,17 @@ msgstr "" "abgelehnt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "deaktiviert die Bereichsabfrage von Active Directory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6088,12 +6316,12 @@ msgstr "" "es so aussehen, als ob große Gruppen keine Mitglieder hätten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6104,19 +6332,19 @@ msgstr "" "Werte dieser Option werden durch OpenLDAP definiert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Voreinstellung: verwendet die Voreinstellungen des System (normalerweise in " "»ldap.conf« angegeben)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6128,7 +6356,7 @@ msgstr "" "nachgeschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -6136,7 +6364,7 @@ msgstr "" "den Wert auf 0 setzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6149,7 +6377,7 @@ msgstr "" "unterstützten Server sind 389/RHDS, OpenLDAP und Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6160,12 +6388,12 @@ msgstr "" "Nachschlagen ohne Rücksicht auf die Einstellung deaktiviert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6175,7 +6403,7 @@ msgstr "" "Werte angegeben werden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6184,7 +6412,7 @@ msgstr "" "oder anfordern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6196,7 +6424,7 @@ msgstr "" "Sitzung fährt normal fort." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6207,7 +6435,7 @@ msgstr "" "ungültiges Zertifikat bereitgestellt wird, wird die Sitzung sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6218,22 +6446,22 @@ msgstr "" "sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = entspricht »demand«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "Voreinstellung: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6242,7 +6470,7 @@ msgstr "" "die <command>sssd</command> erkennen wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6251,12 +6479,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6270,33 +6498,33 @@ msgstr "" "Erstellen der korrekten Namen verwendet werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "gibt die Datei an, die das Zertifikat für den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "gibt die Datei an, die den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6304,12 +6532,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6318,12 +6546,12 @@ msgstr "" "\">tls</systemitem> benutzen muss, um den Kanal abzusichern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6335,19 +6563,19 @@ msgstr "" "verlassen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Derzeit unterstützt diese Funktionalität nur das Abbilden von Active-" "Directory-ObjectSIDs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6366,17 +6594,17 @@ msgstr "" "Abbildung von IDs wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "Voreinstellung: nicht gesetzt (beide Optionen sind auf 0 gesetzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -6385,12 +6613,12 @@ msgstr "" "GSSAPI getestet und wird unterstützt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -6405,17 +6633,17 @@ msgstr "" "enthalten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "Voreinstellung Rechner/MeinRechner@BEREICH" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6426,17 +6654,17 @@ msgstr "" "»ldap_sasl_authid« ebenfalls den Realm enthält, wird diese Option ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "Voreinstellung: der Wert von »krb5_realm«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6446,34 +6674,34 @@ msgstr "" "Bind in eine kanonische Form zu bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "Voreinstellung: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "gibt die Keytab an, wenn SASL/GSSAPI benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Voreinstellung: Keytab des Systems, normalerweise <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6484,28 +6712,28 @@ msgstr "" "ausgewählte Mechnaismus GSSAPI ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" "gibt die Lebensdauer eines TGT in Sekunden an, falls GSSAPI benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "Voreinstellung: 86400 (24 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6524,7 +6752,7 @@ msgstr "" "Weitere Informationen finden Sie im Abschnitt »DIENSTSUCHE«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6535,7 +6763,7 @@ msgstr "" "Protokoll angeben. Falls keine gefunden werden, weicht es auf _tcp aus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6547,29 +6775,29 @@ msgstr "" "migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "gibt den Kerberos-REALM an (für SASL/GSSAPI-Authentifizierung)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Voreinstellung: Systemvoreinstellungen, siehe <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6579,12 +6807,12 @@ msgstr "" "Kerberos >= 1.7 verfügbar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6600,7 +6828,7 @@ msgstr "" "manvolnum> </citerefentry> einrichten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6611,12 +6839,12 @@ msgstr "" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6625,7 +6853,7 @@ msgstr "" "Passworts abgeschätzt werden soll. Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6634,7 +6862,7 @@ msgstr "" "kann keine Server-seitigen Passwortregelwerke deaktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6645,7 +6873,7 @@ msgstr "" "manvolnum></citerefentry>, um abzuschätzen, ob das Passwort erloschen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6657,7 +6885,7 @@ msgstr "" "Passwort geändert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -6667,17 +6895,17 @@ msgstr "" "festgelegten Regel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "gibt an, ob automatische Verweisverfolgung aktiviert werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6686,7 +6914,7 @@ msgstr "" "mit OpenLDAP Version 2.4.13 oder höher kompiliert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6700,28 +6928,28 @@ msgstr "" "merkliche Leistungsverbesserung bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "gibt an, welcher Dienstname bei aktivierter Dienstsuche benutzt werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "Voreinstellung: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6730,17 +6958,17 @@ msgstr "" "soll, der Passwortänderungen bei aktivierter Dienstsuche ermöglicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Voreinstellung: nicht gesetzt, d.h. Dienstsuche ist deaktiviert" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -6749,12 +6977,12 @@ msgstr "" "Passwortänderung mit Unix-Zeit geändert wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6784,12 +7012,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "Beispiel:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6801,7 +7029,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -6810,7 +7038,7 @@ msgstr "" "beschränkt, deren employeeType-Attribut auf »admin« gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6819,17 +7047,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "Voreinstellung: leer" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6838,7 +7066,7 @@ msgstr "" "Zugriffssteuerungsattribute aktiviert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6849,12 +7077,12 @@ msgstr "" "einem geeigneten Fehlercode zurückweisen, wenn das Passwort korrekt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6863,7 +7091,7 @@ msgstr "" "»ldap_user_shadow_expire«, um zu bestimmen, ob das Konto abgelaufen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6876,7 +7104,7 @@ msgstr "" "gewährt. Außerdem wird die Ablaufzeit des Kontos geprüft." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6887,7 +7115,7 @@ msgstr "" "Zugriff erlaubt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6900,7 +7128,7 @@ msgstr "" "Zugriff gewährt wird. Falls diese Attribute fehlen, wird Zugriff erteilt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6911,24 +7139,24 @@ msgstr "" "»ldap_account_expire_policy« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "ldap_access_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "durch Kommata getrennte Liste von Zugriffssteuerungsoptionen. Folgende Werte " "sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: verwendet »ldap_access_filter«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6938,14 +7166,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6958,12 +7186,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: verwendet »ldap_account_expire_policy«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6973,7 +7201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6983,20 +7211,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7005,14 +7233,14 @@ msgstr "" "»authorizedService«, um zu bestimmen, ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: verwendet das Attribut »host«, um zu bestimmen, " "ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 #, fuzzy #| msgid "" #| "<emphasis>host</emphasis>: use the host attribute to determine access" @@ -7024,19 +7252,19 @@ msgstr "" "ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "Voreinstellung: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7045,12 +7273,12 @@ msgstr "" "mehr als einmal benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7059,22 +7287,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "ldap_deref (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7083,12 +7311,12 @@ msgstr "" "folgenden Optionen sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: Alias werden nie dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7098,7 +7326,7 @@ msgstr "" "Suche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7107,7 +7335,7 @@ msgstr "" "der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7116,7 +7344,7 @@ msgstr "" "Orten des Basisobjekts der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7125,12 +7353,12 @@ msgstr "" "<emphasis>never</emphasis> gehandhabt.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7139,7 +7367,7 @@ msgstr "" "beizubehalten, die das Schema RFC2307 benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7157,7 +7385,7 @@ msgstr "" "getpw*() oder initgroups() abzurufen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7168,26 +7396,26 @@ msgstr "" "die lokalen Benutzer um zusätzliche LDAP-Gruppen erweitert werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "wildcard_limit (integer)" msgstr "ldap_opt_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7207,12 +7435,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "SUDO-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7223,52 +7451,52 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "die Objektklasse eines Sudo-Regeleintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "Voreinstellung: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "das LDAP-Attribut, das dem Namen der Sudo-Regel entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "das LDAP-Attribut, das dem Namen des Befehls entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "Voreinstellung: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -7277,17 +7505,17 @@ msgstr "" "Netzwerk oder des Netzwerkgruppe des Rechners) entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "Voreinstellung: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -7296,32 +7524,32 @@ msgstr "" "oder der Netzwerkgruppe des Benutzers) entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "Voreinstellung: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "das LDAP-Attribut, das den Sudo-Optionen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "Voreinstellung: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -7330,17 +7558,17 @@ msgstr "" "ausgeführt werden können" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "Voreinstellung: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7349,17 +7577,17 @@ msgstr "" "worunter Befehle ausgeführt werden können" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "Voreinstellung: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -7368,17 +7596,17 @@ msgstr "" "Sudo-Regel gültig wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "Voreinstellung: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -7387,32 +7615,32 @@ msgstr "" "der die Sudo-Regel nicht länger gültig ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "Voreinstellung: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "das LDAP-Attribut, das dem Reihenfolgenindex der Regel entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "Voreinstellung: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7422,7 +7650,7 @@ msgstr "" "heruntergeladen werden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7431,17 +7659,17 @@ msgstr "" "emphasis> sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "Voreinstellung: 21600 (6 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -7452,7 +7680,7 @@ msgstr "" "höchste USN der zwischengespeicherten Regeln haben, heruntergeladen werden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7461,12 +7689,12 @@ msgstr "" "das Attribut »modifyTimestamp« benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7476,12 +7704,12 @@ msgstr "" "Netzwerkadressen und Rechnernamen)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7490,7 +7718,7 @@ msgstr "" "Domain-Namen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7499,8 +7727,8 @@ msgstr "" "voll qualifizierten Domain-Namen automatisch herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7509,17 +7737,17 @@ msgstr "" "emphasis> ist, hat diese Option keine Auswirkungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "Voreinstellung: nicht angegeben" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7528,7 +7756,7 @@ msgstr "" "Netzwerkadressen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7537,12 +7765,12 @@ msgstr "" "herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7551,12 +7779,12 @@ msgstr "" "eine Netzgruppe im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7565,7 +7793,7 @@ msgstr "" "einen Platzhalter im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7578,87 +7806,87 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "AUTOFS-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "Der Name der Automount-Master-Abbildung in LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "Voreinstellung: auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "die Objektklasse eines Automount-Abbildungseintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "der Name eines Automount-Abbildungseintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -7667,24 +7895,24 @@ msgstr "" "Eintrag einem Einhängepunkt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7697,32 +7925,32 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "ERWEITERTE OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7731,22 +7959,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7755,14 +7983,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "BEISPIEL" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7773,7 +8001,7 @@ msgstr "" "gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7786,27 +8014,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7822,13 +8050,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "ANMERKUNGEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8332,7 +8560,7 @@ msgstr "" "Lokale Gruppen werden nicht ausgewertet." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -9202,7 +9430,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -9303,6 +9531,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." @@ -9313,12 +9549,12 @@ msgstr "" "falls der IPA-ID-Anbieter konfiguriert ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "ipa_domain (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." @@ -9327,12 +9563,12 @@ msgstr "" "wird der Domain-Name der Konfiguration benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "ipa_server, ipa_backup_server (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -9348,12 +9584,12 @@ msgstr "" "»DIENSTSUCHE«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "ipa_hostname (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 #, fuzzy #| msgid "" #| "Optional. May be set on machines where the hostname(5) does not reflect " @@ -9368,12 +9604,12 @@ msgstr "" "zu identifizieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "dyndns_update (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -9383,7 +9619,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9393,7 +9629,7 @@ msgstr "" "funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -9405,12 +9641,12 @@ msgstr "" "Konfigurationsdatei migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9422,7 +9658,7 @@ msgstr "" "Administrator gesetzt wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -9434,17 +9670,17 @@ msgstr "" "migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "Voreinstellung: 1200 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "dyndns_iface (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9453,7 +9689,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -9465,24 +9701,24 @@ msgstr "" "Konfigurationsdatei migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9490,22 +9726,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "aktiviert DNS-Sites – standortbasierte Dienstsuche" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -9525,12 +9761,12 @@ msgstr "" "gefundenen als Sicherungsserver." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9541,12 +9777,12 @@ msgstr "" "Diese Option ist optional und nur anwendbar, wenn »dyndns_update« »true« ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9556,7 +9792,7 @@ msgstr "" "»dyndns_update« »true« ist" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." @@ -9566,17 +9802,17 @@ msgstr "" "Weiterleitungsdatensätze ändern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "Voreinstellung: False (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -9585,50 +9821,50 @@ msgstr "" "DNS-Server verwenden soll" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Voreinstellung: False (lässt Nsupdate das Protokoll auswählen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 #, fuzzy #| msgid "ipa_host_search_base (string)" msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_host_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 #, fuzzy #| msgid "" #| "Optional. Use the given string as search base for HBAC related objects." @@ -9640,112 +9876,95 @@ msgstr "" "bezogene Objekte" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "Voreinstellung: verwendet Basis-DN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für HBAC-" "bezogene Objekte" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" -"optional, verwendet die angegebene Zeichenkette als Suchgrundlage für " -"Rechnerobjekte" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" -"Informationen über das Konfigurieren mehrerer Suchgrundlagen finden Sie " -"unter »ldap_search_base«." - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "Voreinstellung: der Wert von <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für " "SELinux-Benutzerabbildungen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für " "vertrauenswürdige Domains" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Voreinstellung: der Wert von <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für das " "Master-Domain-Objekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "Voreinstellung: der Wert von <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -9754,7 +9973,7 @@ msgstr "" "Wert von »ipa_domain«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -9764,39 +9983,39 @@ msgstr "" "zu verwenden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 #, fuzzy #| msgid "ipa_hbac_refresh (integer)" msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_hbac_refresh (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " @@ -9812,19 +10031,19 @@ msgstr "" "Zugriffssteuerungsanfragen in einer kurzen Zeitspanne ankommen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "Voreinstellung: 5 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 #, fuzzy #| msgid "ldap_sudo_full_refresh_interval (integer)" msgid "ipa_deskprofile_request_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " @@ -9839,19 +10058,19 @@ msgstr "" "Zugriffssteuerungsanfragen in einer kurzen Zeitspanne ankommen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: 900 (15 minutes)" msgid "Default: 60 (minutes)" msgstr "Voreinstellung: 900 (15 Minuten)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -9862,12 +10081,12 @@ msgstr "" "Zugriffssteuerungsanfragen in einer kurzen Zeitspanne ankommen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -9878,192 +10097,214 @@ msgstr "" "viele Benutzeranmeldeanfragen in einer kurzen Zeitspanne ankommen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "der Ort des Automounters, den dieser IPA-Client benutzen wird" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "Voreinstellung: der Ort namens »default«" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10073,12 +10314,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "ANBIETER VON UNTER-DOMAINS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." @@ -10087,7 +10328,7 @@ msgstr "" "ob er explizit oder implizit konfiguriert wurde." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10098,7 +10339,7 @@ msgstr "" "und alle Subdomain-Anfragen werden, falls nötig, an den IPA-Server gesandt." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10117,7 +10358,7 @@ msgstr "" "online gegangen ist, wird der Subdomain-Anbieter erneut aktiviert." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10129,7 +10370,7 @@ msgstr "" "Optionen von IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -10170,7 +10411,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -10221,8 +10462,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -10232,16 +10481,31 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 +#, fuzzy +#| msgid "" +#| "By default, the AD provider will map UID and GID values from the " +#| "objectSID parameter in Active Directory. For details on this, see the " +#| "<quote>ID MAPPING</quote> section below. If you want to disable ID " +#| "mapping and instead rely on POSIX attributes defined in Active Directory, " +#| "you should set <placeholder type=\"programlisting\" id=\"0\"/> In order " +#| "to retrieve users and groups using POSIX attributes from trusted domains, " +#| "the AD administrator must make sure that the POSIX attributes are " +#| "replicated to the Global Catalog." msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" "Standardmäßig bildet der Active-Directory-Anbieter die Werte für Benutzer- " "und Gruppen-ID des objectSID-Parameters in Active Directory ab. Details " @@ -10254,7 +10518,7 @@ msgstr "" "Globalen Katalog repliziert werden." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -10265,12 +10529,12 @@ msgstr "" "Implementation in Active Directory zu gewährleisten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "ad_domain (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." @@ -10279,7 +10543,7 @@ msgstr "" "nicht angegeben, wird der Name der konfigurierten Domain benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." @@ -10289,7 +10553,7 @@ msgstr "" "angegeben werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." @@ -10298,12 +10562,12 @@ msgstr "" "SSSD automatisch ermittelt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -10311,7 +10575,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -10319,7 +10583,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -10327,19 +10591,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "ad_server, ad_backup_server (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -10347,26 +10611,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "ad_hostname (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -10377,7 +10641,7 @@ msgstr "" "werden, um sie zu identifizieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." @@ -10387,12 +10651,12 @@ msgstr "" "ausgegeben wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -10410,12 +10674,12 @@ msgstr "" "Aufdeckung verwendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "ad_access_filter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -10428,7 +10692,7 @@ msgstr "" "quote> gesetzt werden muss, damit sie wirksam ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -10441,7 +10705,7 @@ msgstr "" "<quote>FOREST</quote> sein oder auch weggelassen werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -10455,7 +10719,7 @@ msgstr "" "<quote>NAME</quote> angegeben ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." @@ -10464,7 +10728,7 @@ msgstr "" "so wie es auch in Suchmaschinen üblich ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -10477,7 +10741,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -10491,7 +10755,7 @@ msgstr "" "der erste verwendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -10509,24 +10773,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "ad_enable_gc (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -10540,7 +10804,7 @@ msgstr "" "dem LDAP-Port des aktuellen Servers." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -10555,12 +10819,12 @@ msgstr "" "können." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "ad_gpo_access_control (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -10574,7 +10838,7 @@ msgstr "" "auf <quote>ad</quote> gesetzt werden muss, damit sie wirksam ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." @@ -10584,7 +10848,15 @@ msgstr "" "anmelden darf." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -10607,12 +10879,12 @@ msgstr "" "»enforcing« gesetzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "Für diese Option werden drei Werte unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" @@ -10620,14 +10892,14 @@ msgstr "" "deren Anwendung erzwungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" "enforcing: GPO-basierte Zugriffskontrollregeln werden sowohl ausgewertet als " "auch deren Anwendung erzwungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -10639,22 +10911,22 @@ msgstr "" "verweigert werden würde, wenn die Option auf »enforcing« gesetzt wäre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "Voreinstellung: permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10662,12 +10934,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10675,14 +10947,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10690,7 +10962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10702,78 +10974,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10781,7 +11053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10789,7 +11061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10797,7 +11069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10809,22 +11081,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10832,7 +11104,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10840,7 +11112,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10848,7 +11120,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10860,22 +11132,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10883,14 +11155,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10898,7 +11170,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10910,17 +11182,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10928,14 +11200,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10943,7 +11215,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10954,19 +11226,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10974,7 +11246,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10986,39 +11258,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -11026,12 +11298,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11044,57 +11316,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11102,17 +11374,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11122,12 +11394,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11145,19 +11417,19 @@ msgstr "" "»dyndns_iface« angegeben wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "Voreinstellung: 3600 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11167,12 +11439,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Voreinstellung: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11184,7 +11456,7 @@ msgstr "" "Optionen von AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11208,7 +11480,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11220,7 +11492,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11231,7 +11503,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11241,7 +11513,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -11650,33 +11922,92 @@ msgstr "" "<filename>/var/log/sssd</filename> gespeichert. Dort gibt es separate " "Protokolldateien für jeden SSSD-Dienst und jede Domain." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:101 +#, fuzzy +#| msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "<option>--debug-timestamps=</option><replaceable>Modus</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" +"<emphasis>1</emphasis>: Den Debug-Nachrichten wird ein Zeitstempel " +"hinzugefügt." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +#, fuzzy +#| msgid "" +#| "Send the debug output to files instead of stderr. By default, the log " +#| "files are stored in <filename>/var/log/sssd</filename> and there are " +#| "separate log files for every SSSD service and domain." +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" +"sendet die Ausgabe der Fehlersuche in Dateien statt auf die " +"Standardfehlerausgabe. Standardmäßig werden die Protokolldateien in " +"<filename>/var/log/sssd</filename> gespeichert. Dort gibt es separate " +"Protokolldateien für jeden SSSD-Dienst und jede Domain." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" +"<emphasis>1</emphasis>: Den Debug-Nachrichten wird ein Zeitstempel " +"hinzugefügt." + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "wird nach dem Start ein Daemon." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "läuft im Vordergrund und wird kein Daemon." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -11690,27 +12021,27 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "gibt die Versionsnummer aus und beendet sich." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "Signale" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "SIGTERM/SIGINT" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." @@ -11719,12 +12050,12 @@ msgstr "" "Überwachungsprogramm herunterfahren soll." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "SIGHUP" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -11736,12 +12067,12 @@ msgstr "" "erleichtern." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -11750,12 +12081,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -11763,7 +12094,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -14518,7 +14849,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" @@ -17326,6 +17657,13 @@ msgstr "" msgid "ldap_group_external_member = ipaExternalMember" msgstr "" +#~ msgid "" +#~ "Determines if a domain can be enumerated. This parameter can have one of " +#~ "the following values:" +#~ msgstr "" +#~ "bestimmt, ob eine Domain aufgezählt werden kann. Dieser Parameter kann " +#~ "einen der folgenden Werte haben:" + #~ msgid "" #~ "<command>sss_debuglevel</command> changes debug level of SSSD monitor and " #~ "providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " diff --git a/src/man/po/es.po b/src/man/po/es.po index 54d531d0883..4d5621925fa 100644 --- a/src/man/po/es.po +++ b/src/man/po/es.po @@ -15,7 +15,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2014-12-14 11:54-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Spanish (http://www.transifex.com/projects/p/sssd/language/" @@ -330,9 +330,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Predeterminado: true" @@ -351,16 +351,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Predeterminado: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -385,8 +385,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Predeterminado: 10" @@ -401,7 +401,7 @@ msgid "The [sssd] section" msgstr "La sección [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "Parámetros de sección" @@ -429,7 +429,7 @@ msgstr "servicios" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -485,7 +485,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -507,12 +507,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -520,39 +520,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -703,12 +703,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "Predeterminado: no definido" @@ -895,8 +896,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -987,7 +988,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "Predeterminado: 60" @@ -1042,12 +1043,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "Predeterminado: 300" @@ -1142,7 +1143,7 @@ msgstr "" "segundos. (0 deshabilita esta función)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "Predeterminado: 50" @@ -1163,7 +1164,7 @@ msgstr "" "entradas no existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "Predeterminado: 15" @@ -1180,7 +1181,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "Predeterminado: 0" @@ -1258,7 +1259,7 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>" @@ -1407,12 +1408,12 @@ msgstr "" "normalmente /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1429,23 +1430,30 @@ msgstr "memcache_timeout (entero)" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1456,48 +1464,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Esta opción puede ser también fijada por dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "Opciones de configuración PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1506,12 +1514,12 @@ msgstr "" "Authentication Module (PAM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1520,17 +1528,17 @@ msgstr "" "los accesos escondidos (en días desde el último login en línea con éxito)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "Predeterminado: 0 (Sin límite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1539,12 +1547,12 @@ msgstr "" "login fallados están permitidos." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1554,7 +1562,7 @@ msgstr "" "intento de login sea posible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1565,17 +1573,17 @@ msgstr "" "éxito puede habilitar otra vez la autenticación fuera de línea." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "Predeterminado: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1584,44 +1592,44 @@ msgstr "" "autenticación. Cuanto mayor sea el número de mensajes más aparecen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "Actualmente sssd soporta los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostrar ningún mensaje" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: mostrar sólo mensajes importantes" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: mostrar mensajes informativos" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: mostrar todos los mensajes e información de " "depuración" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "Predeterminado: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1630,61 +1638,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1696,7 +1704,7 @@ msgstr "" "información más actual." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1710,17 +1718,17 @@ msgstr "" "proveedor de identidad." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "Mostrar una advertencia N días antes que la contraseña caduque." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1731,7 +1739,7 @@ msgstr "" "información desaparece, sssd no podrá mostrar un aviso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1741,7 +1749,7 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1750,12 +1758,12 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> para un dominio concreto." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1765,74 +1773,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "Predeterminado: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1840,19 +1848,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1860,12 +1868,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1873,58 +1881,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Por defecto: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "SUDO opciones de configuración" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1935,12 +1943,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "sudo_timed (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1949,14 +1957,14 @@ msgstr "" "entradas de sudoers dependientes del tiempo." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "sudo_threshold (integer)" msgstr "ldap_deref_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1966,22 +1974,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "Opciones de configuración AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "Estas opciones pueden ser usadas para configurar el servicio autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1992,22 +2000,22 @@ msgstr "" "existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "Opciones de configuración SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "Estas opciones se pueden usar para configurar el servicio SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2016,12 +2024,12 @@ msgstr "" "known_host. " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2030,34 +2038,34 @@ msgstr "" "después de que se hayan pedido sus claves de host." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "Por defecto: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "Opciones de configuración del respondedor PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2068,7 +2076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2079,24 +2087,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "Estas opciones pueden ser usadas para configurar el respondedor PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2106,14 +2114,14 @@ msgstr "" "usuario que tiene el acceso permitido al respondedor PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Por defecto: 0 (sólo el usuario root tiene permitido el acceso al " "respondedor PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2126,26 +2134,26 @@ msgstr "" "lista de UIDs permitidas también." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 #, fuzzy #| msgid "PAC responder configuration options" msgid "Session recording configuration options" msgstr "Opciones de configuración del respondedor PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 #, fuzzy #| msgid "" #| "This manual page describes the configuration of the AD provider for " @@ -2169,36 +2177,36 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 #, fuzzy #| msgid "These options can be used to configure any service." msgid "These options can be used to configure session recording." msgstr "Estas opciones pueden usarse para configurar cualquier servicio." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 #, fuzzy #| msgid "sudo_provider (string)" msgid "scope (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 #, fuzzy #| msgid "" #| "Append this user to groups specified by the <replaceable>GROUPS</" @@ -2213,17 +2221,17 @@ msgstr "" "replaceable> es una lista separada por comas de nombres de grupo." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 #, fuzzy #| msgid "" #| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" @@ -2236,21 +2244,21 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: none" msgid "Default: \"none\"" msgstr "Predeterminado: none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 #, fuzzy #| msgid "skel_dir (string)" msgid "users (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2258,21 +2266,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. Matches no users." msgstr "Por defecto: vacio, esto es ldap_uri se está usando." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 #, fuzzy #| msgid "ldap_group_name (string)" msgid "groups (string)" msgstr "ldap_group_name (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2280,7 +2288,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2288,22 +2296,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "SECCIONES DE DOMINIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2312,14 +2320,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2328,31 +2336,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2361,7 +2369,7 @@ msgstr "" "está fuera de estos límites, ésta es ignorada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2374,48 +2382,64 @@ msgstr "" "reportados como en espera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "enumerar (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" -"Determina si un dominio puede ser enumerado. Este parámetro puede tener uno " -"de los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Usuarios y grupos son enumerados" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Sin enumeraciones para este dominio" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "Predeterminado: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 +#, fuzzy +#| msgid "" +#| "Note: Enabling enumeration has a moderate performance impact on SSSD " +#| "while enumeration is running. It may take up to several minutes after " +#| "SSSD startup to fully complete enumerations. During this time, " +#| "individual requests for information will go directly to LDAP, though it " +#| "may be slow, due to the heavy enumeration processing. Saving a large " +#| "number of entries to cache after the enumeration completes might also be " +#| "CPU intensive as the memberships have to be recomputed." msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2423,7 +2447,9 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" "Nota: Habilitar la enumeración tiene un impacto en el rendimiento moderado " "sobre SSSD mientras la enumeración está corriendo. Puede tomar varios " @@ -2435,7 +2461,7 @@ msgstr "" "las afiliaciones deben ser recalculadas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2445,7 +2471,7 @@ msgstr "" "completen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2459,7 +2485,7 @@ msgstr "" "específico id_provider en uso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2468,32 +2494,32 @@ msgstr "" "especialmente en entornos grandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2502,12 +2528,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2516,7 +2542,7 @@ msgstr "" "volver a consultar al backend" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2527,17 +2553,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "Predeterminado: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2546,19 +2572,19 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "Por defecto: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2567,12 +2593,12 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2581,12 +2607,12 @@ msgstr "" "válidas antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2595,12 +2621,12 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -2609,12 +2635,12 @@ msgstr "" "preguntar al backend otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -2623,71 +2649,71 @@ msgstr "" "automontaje válidos antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Determina si las credenciales del usuario están también escondidas en el " "cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Las credenciales de usuario son almacenadas en un hash SHA512, no en texto " "plano" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2695,24 +2721,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2725,17 +2751,17 @@ msgstr "" "grande o igual que offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "Predeterminado: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2748,17 +2774,17 @@ msgstr "" "configurar un proveedor de autorización para el backend." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Por defecto: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -2766,17 +2792,17 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "<quote>proxy</quote>: Soporta un proveedor NSS legado" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: Proveedor interno SSSD para usuarios locales" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2787,8 +2813,8 @@ msgstr "" "información sobre la configuración de LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2801,8 +2827,8 @@ msgstr "" "configuración de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2814,12 +2840,12 @@ msgstr "" "Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -2829,7 +2855,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2843,7 +2869,7 @@ msgstr "" "command> lo haría." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2851,22 +2877,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "No devuelve miembros de grupo para búsquedas de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2878,7 +2904,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2886,12 +2912,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -2900,7 +2926,7 @@ msgstr "" "autenticación soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2911,7 +2937,7 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2922,7 +2948,7 @@ msgstr "" "citerefentry> para más información sobre la configuración de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -2930,12 +2956,12 @@ msgstr "" "objetivo PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> deshabilita la autenticación explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -2944,12 +2970,12 @@ msgstr "" "manejar las peticiones de autenticación." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2960,7 +2986,7 @@ msgstr "" "proveedores especiales internos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -2969,12 +2995,12 @@ msgstr "" "sólo permitido para un dominio local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> siempre niega el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2987,7 +3013,7 @@ msgstr "" "configuración del módulo de acceso sencillo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2995,22 +3021,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "Predeterminado: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3019,7 +3045,7 @@ msgstr "" "el dominio. Los proveedores de cambio de passweord soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3027,7 +3053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3038,7 +3064,7 @@ msgstr "" "citerefentry> para más información sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3046,13 +3072,13 @@ msgstr "" "otros objetivos PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> deniega explícitamente los cambios en la contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3061,18 +3087,18 @@ msgstr "" "puede manejar las peticiones de cambio de password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "El proveedor SUDO usado por el dominio. Los proveedores SUDO soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3083,33 +3109,33 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote>deshabilita SUDO explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Por defecto: el valor de <quote>id_provider</quote> se usa si está fijado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3119,13 +3145,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3136,7 +3171,7 @@ msgstr "" "finalice. Los proveedores selinux soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3148,14 +3183,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> deshabilita ir a buscar los ajustes selinux " "explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3164,12 +3199,12 @@ msgstr "" "manejar las peticiones de carga selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "subdomains_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3179,7 +3214,7 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3191,7 +3226,7 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3200,20 +3235,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> deshabilita el buscador de subdominios explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 #, fuzzy #| msgid "selinux_provider (string)" msgid "session_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3221,18 +3256,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 #, fuzzy #| msgid "" #| "Default: <quote>id_provider</quote> is used if it is set and can handle " @@ -3244,13 +3279,20 @@ msgstr "" "Por defecto: <quote>id_provider</quote> se usa si está fijado y puede " "manejar las peticiones de carga selinux." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "autofs_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3258,7 +3300,7 @@ msgstr "" "son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3270,7 +3312,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3282,7 +3324,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3290,17 +3332,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> deshabilita autofs explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "hostid_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3309,7 +3351,7 @@ msgstr "" "proveedores de hostid soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3321,12 +3363,12 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> deshabilita hostid explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3336,7 +3378,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3349,22 +3391,22 @@ msgstr "" "nombres de usuario:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "nombre de usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "dominio/nombre_de_usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3374,7 +3416,7 @@ msgstr "" "dominios Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3385,7 +3427,7 @@ msgstr "" "el nombre, el dominio es el resto detrás de este signo\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3397,7 +3439,7 @@ msgstr "" "subplantillas sin nombre único." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -3406,17 +3448,17 @@ msgstr "" "soportan la sintaxis Python (?P<name>) para identificar subpatrones." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Predeterminado: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3425,42 +3467,42 @@ msgstr "" "a usar cuando se lleven a cabo búsquedas DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "Valores soportados:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "Predeterminado: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 #, fuzzy #| msgid "" #| "Defines the amount of time (in seconds) to wait for a reply from the DNS " @@ -3477,25 +3519,25 @@ msgstr "" "espera, el dominio continuará operativo en modo fuera de línea." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Predeterminado: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3504,53 +3546,53 @@ msgstr "" "de dominio de la pregunta al descubridor de servicio DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Predeterminado: Utilizar la parte del dominio del nombre de host del equipo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "override_gid (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "Anula el valor primario GID con el especificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3558,7 +3600,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3566,17 +3608,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3584,34 +3626,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3619,32 +3661,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3654,7 +3696,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -3662,28 +3704,28 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Por defecto: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3691,20 +3733,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +#, fuzzy +#| msgid "autofs_provider (string)" +msgid "auto_private_groups (string)" +msgstr "autofs_provider (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3716,17 +3796,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "El proxy de destino PAM próximo a." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3735,12 +3815,12 @@ msgstr "" "pam existente o crear una nueva y añadir el nombre de servicio aquí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3751,12 +3831,12 @@ msgstr "" "$(function), por ejemplo _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3770,12 +3850,12 @@ msgstr "" "razones de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3783,7 +3863,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -3792,12 +3872,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3814,7 +3894,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3822,17 +3902,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3841,7 +3921,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3851,7 +3931,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3871,12 +3951,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "La sección de dominio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3887,29 +3967,29 @@ msgstr "" "utiliza <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "El shell predeterminado para los usuarios creados con herramientas de " "espacio de usuario SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "Predeterminado: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -3919,17 +3999,17 @@ msgstr "" "de inicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "Predeterminado: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -3938,17 +4018,17 @@ msgstr "" "Puede ser anulado desde la línea de comando." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "Predeterminado: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -3957,12 +4037,12 @@ msgstr "" "borrados. Puede ser anulado desde la línea de comando." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "homedir_umask (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3973,17 +4053,17 @@ msgstr "" "predeterminados en un directorio de inicio recién creado." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "Predeterminado: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3996,17 +4076,17 @@ msgstr "" "<manvolnum>8</manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "Predeterminado: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4017,17 +4097,17 @@ msgstr "" "Si no se especifica, se utiliza un valor por defecto." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "Predeterminado: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4038,17 +4118,17 @@ msgstr "" "único parámetro. El código de retorno del comando no es tenido en cuenta." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "Predeterminado: None, no se ejecuta comando" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4059,64 +4139,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -4170,7 +4250,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 #, fuzzy #| msgid "" #| "The following example shows a typical SSSD config. It does not describe " @@ -4189,7 +4269,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4197,7 +4277,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4257,7 +4337,7 @@ msgstr "" "información sobre la utilización de LDAP como proveedor de acceso." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -4378,7 +4458,7 @@ msgstr "" "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Ejemplos:" @@ -4608,7 +4688,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "El atributo LDAP que corresponde al id del grupo primario del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "Predeterminado: gidNumber" @@ -4689,7 +4769,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4710,7 +4790,7 @@ msgstr "" "es normalmente sólo necesario para servidores ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4720,7 +4800,7 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -4729,7 +4809,7 @@ msgstr "" "objeto primario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "Predeterminado: modifyTimestamp" @@ -5107,7 +5187,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "El atributo LDAP que contiene las claves públicas SSH del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -5179,8 +5259,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "El atributo LDAP que corresponde al nombre completo del usuario." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Predeterminado: cn" @@ -5195,7 +5275,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "El atributo LDAP que lista los afiliación a grupo de usario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "Predeterminado: memberOf" @@ -5355,81 +5435,91 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "La clase de objeto de una entrada de grupo LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "Por defecto: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "ldap_group_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "El atributo LDAP que corresponde al nombre de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "El atributo LDAP que corresponde al id del grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "ldap_group_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "El atributo LDAP que contiene los nombres de los miembros del grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Valor predeterminado: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -5438,24 +5528,24 @@ msgstr "" "normalmente sólo necesario para servidores ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5463,34 +5553,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5502,7 +5592,7 @@ msgstr "" "esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5512,7 +5602,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5522,17 +5612,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "Predeterminado: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5543,7 +5633,7 @@ msgstr "" "despliegues con grupos complejos o profundamente anidados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." @@ -5553,7 +5643,7 @@ msgstr "" "muy complejos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5564,7 +5654,7 @@ msgstr "" "esencialmente “auto-detect”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5577,12 +5667,12 @@ msgstr "" "documentation</ulink> para más detalles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5593,80 +5683,80 @@ msgstr "" "notable cuando se trata con grupos complejos o profundamente anidados)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "La clase de objeto de una entrada netgroup en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "En proveedor IPA, ipa_netgroup_object_class, se usaría en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "Predeterminado: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "El atributo LDAP que corresponde al nombre del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "Un proveedor IPA, ipa_netgroup_name sería usado en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" "El atributo LDAP que contiene los nombres de los miembros de grupo de red." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "Un proveedor IPA, ipa_netgroup_member sería usado en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "Predeterminado: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -5674,42 +5764,176 @@ msgstr "" "de red." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "Esta opción no está disponible en el proveedor IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "Predeterminado: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" -msgstr "ldap_service_object_class (cadena)" +#: sssd-ldap.5.xml:1216 +#, fuzzy +#| msgid "ldap_user_object_class (string)" +msgid "ldap_host_object_class (string)" +msgstr "ldap_user_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." -msgstr "La clase objeto de una entrada de servicio en LDAP." +#: sssd-ldap.5.xml:1219 +#, fuzzy +#| msgid "The object class of a user entry in LDAP." +msgid "The object class of a host entry in LDAP." +msgstr "La clase de objeto de una entrada de usuario en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "Por defecto: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +#, fuzzy +#| msgid "ad_hostname (string)" +msgid "ldap_host_name (string)" +msgstr "ad_hostname (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the group name." +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "El atributo LDAP que corresponde al nombre de grupo." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +#, fuzzy +#| msgid "ldap_sudo_hostnames (string)" +msgid "ldap_host_fqdn (string)" +msgstr "ldap_sudo_hostnames (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the user's full name." +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "El atributo LDAP que corresponde al nombre completo del usuario." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: fqdn" +msgstr "Predeterminado: cn" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +#, fuzzy +#| msgid "ldap_dns_service_name (string)" +msgid "ldap_host_serverhostname (string)" +msgstr "ldap_dns_service_name (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: sudoHost" +msgid "Default: serverHostname" +msgstr "Por defecto: sudoHost" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +#, fuzzy +#| msgid "ldap_user_member_of (string)" +msgid "ldap_host_member_of (string)" +msgstr "ldap_user_member_of (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +#, fuzzy +#| msgid "The LDAP attribute that lists the user's group memberships." +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "El atributo LDAP que lista los afiliación a grupo de usario." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +#, fuzzy +#| msgid "ipa_host_search_base (string)" +msgid "ldap_host_search_base (string)" +msgstr "ipa_host_search_base (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "Opcional. Usa la cadena dada como base de búsqueda para objetos host." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" +"Vea <quote>ldap_search_base</quote> para información sobre la configuración " +"de múltiples bases de búsqueda." + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "Predeterminado: el valor de <emphasis>ldap_search_base</emphasis>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +#, fuzzy +#| msgid "ldap_user_ssh_public_key (string)" +msgid "ldap_host_ssh_public_key (string)" +msgstr "ldap_user_ssh_public_key (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +#, fuzzy +#| msgid "The LDAP attribute that contains the user's SSH public keys." +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "El atributo LDAP que contiene las claves públicas SSH del usuario." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +#, fuzzy +#| msgid "ldap_sasl_authid (string)" +msgid "ldap_host_uuid (string)" +msgstr "ldap_sasl_authid (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +#, fuzzy +#| msgid "The LDAP attribute that contains the port managed by this service." +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "El atributo LDAP que contiene el puerto manejado por este servicio." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "ldap_service_object_class (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "La clase objeto de una entrada de servicio en LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "ldap_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -5717,49 +5941,49 @@ msgstr "" "El atributo LDAP que contiene el nombre de servicio de atributos y sus alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "ldap_service_port (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "El atributo LDAP que contiene el puerto manejado por este servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "Por defecto: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" "El atributo LDAP que contiene los protocolos entendidos por este servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "Por defecto: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5770,7 +5994,7 @@ msgstr "" "escondidos devueltos (y se entra en modo fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5781,12 +6005,12 @@ msgstr "" "espera para tipos específicos de búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5798,12 +6022,12 @@ msgstr "" "fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5820,12 +6044,12 @@ msgstr "" "citerefentry> vuelve en caso de no actividad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5834,12 +6058,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5852,17 +6076,17 @@ msgstr "" "temprano (este valor contra el tiempo de vida TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "Predeterminado: 900 (15 minutos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -5871,17 +6095,17 @@ msgstr "" "Algunos servidores LDAP hacen cumplir un límite máximo por petición." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "Predeterminado: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5892,7 +6116,7 @@ msgstr "" "RootDSE pero no está habilitado o no se comporta apropiadamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -5902,7 +6126,7 @@ msgstr "" "pero es incapaz de usarlo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5913,17 +6137,17 @@ msgstr "" "puede ocasionar que algunas peticiones sean denegadas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5933,12 +6157,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5949,19 +6173,19 @@ msgstr "" "de esta opción son definidos por OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Por defecto: Usa el sistema por defecto (normalmente especificado por ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5972,7 +6196,7 @@ msgstr "" "deference. Si hay menos miembros desaparecidos, se buscarán individualmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -5980,7 +6204,7 @@ msgstr "" "a 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5993,7 +6217,7 @@ msgstr "" "soportados son 389/RHDS, OpenLDAP y Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6004,12 +6228,12 @@ msgstr "" "será deshabilitado sin tener en cuenta este ajuste." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6019,7 +6243,7 @@ msgstr "" "los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6028,7 +6252,7 @@ msgstr "" "certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6039,7 +6263,7 @@ msgstr "" "certificado malo, será ignorado y la sesión continua normalmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6050,7 +6274,7 @@ msgstr "" "certificado malo, la sesión se termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6061,22 +6285,22 @@ msgstr "" "termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "Predeterminado: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6085,7 +6309,7 @@ msgstr "" "de Certificación que <command>sssd</command> reconocerá." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6094,12 +6318,12 @@ msgstr "" "etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6113,33 +6337,33 @@ msgstr "" "para crear los nombres correctos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "Especifica el fichero que contiene el certificado para la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "Especifica el archivo que contiene la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6147,12 +6371,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6161,12 +6385,12 @@ msgstr "" "<systemitem class=\"protocol\">tls</systemitem> para proteger el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6177,18 +6401,18 @@ msgstr "" "ldap_user_uid_number y ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Actualmente está función soporta sólo mapeos de objectSID de ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6199,17 +6423,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -6218,12 +6442,12 @@ msgstr "" "probado y soportado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -6236,17 +6460,17 @@ msgstr "" "myhost@EXAMPLE.COM) o sólo en nombre principal (por ejemplo host/myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "Por defecto: host/nombre_de_host@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6257,17 +6481,17 @@ msgstr "" "reino también, esta opción se ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "Por defecto: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6276,34 +6500,34 @@ msgstr "" "para para canocalizar el nombre de host durante una unión SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "Predeterminado: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Especifica la keytab a usar cuando se utilice SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Por defecto: Keytab del sistema, normalmente <filename>/etc/krb5.keytab</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6314,27 +6538,27 @@ msgstr "" "es GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Especifica el tiempo de vida en segundos del TGT si se usa GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "Predeterminado: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6353,7 +6577,7 @@ msgstr "" "información, vea la sección <quote>SERVICE DISCOVERY</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6364,7 +6588,7 @@ msgstr "" "regresa a _tcp si no se encuentra nada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6376,29 +6600,29 @@ msgstr "" "configuración para usar <quote>krb5_server</quote> en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Especifica el REALM Kerberos (para autorización SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6407,12 +6631,12 @@ msgstr "" "servidor LDAP. Esta función está disponible con MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6422,7 +6646,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6430,12 +6654,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6444,7 +6668,7 @@ msgstr "" "del cliente. Los siguientes valores son permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6453,7 +6677,7 @@ msgstr "" "no puede deshabilitar las políticas de password en el lado servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6464,7 +6688,7 @@ msgstr "" "manvolnum></citerefentry> para evaluar si la contraseña ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6476,26 +6700,26 @@ msgstr "" "password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguimiento de referencias automático debería ser " "habilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6504,7 +6728,7 @@ msgstr "" "está compilado con OpenLDAP versión 2.4.13 o más alta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6517,29 +6741,29 @@ msgstr "" "esta opción a false le llevará a una notable mejora de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nombre del servicio para utilizar cuando está habilitado el " "servicio de descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "Predeterminado: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6549,17 +6773,17 @@ msgstr "" "descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Por defecto: no fijado, esto es servicio descubridor deshabilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -6568,12 +6792,12 @@ msgstr "" "desde el Epoch después de una operación de cambio de contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6589,12 +6813,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "Ejemplo:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6603,14 +6827,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6619,17 +6843,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "Predeterminado: vacío" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6638,7 +6862,7 @@ msgstr "" "control de acceso del lado cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6649,12 +6873,12 @@ msgstr "" "una código de error definible aunque el password sea correcto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "Los siguientes valores están permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6663,7 +6887,7 @@ msgstr "" "determinar si la cuenta ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6676,7 +6900,7 @@ msgstr "" "se comprueba el tiempo de expiración de la cuenta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6687,7 +6911,7 @@ msgstr "" "el acceso o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6700,7 +6924,7 @@ msgstr "" "permitido. Si ambos atributos están desaparecidos se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6708,24 +6932,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Lista separada por coma de opciones de control de acceso. Los valores " "permitidos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6735,14 +6959,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6755,12 +6979,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6770,7 +6994,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6780,20 +7004,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -6802,13 +7026,13 @@ msgstr "" "autorizedService para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: usa el atributo host para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 #, fuzzy #| msgid "" #| "<emphasis>host</emphasis>: use the host attribute to determine access" @@ -6819,19 +7043,19 @@ msgstr "" "<emphasis>host</emphasis>: usa el atributo host para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "Predeterminado: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -6840,12 +7064,12 @@ msgstr "" "una vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6854,22 +7078,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -6878,13 +7102,13 @@ msgstr "" "lleva a cabo una búsqueda. Están permitidas las siguientes opciones:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: Nunca serán eliminadas las referencias al alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -6894,7 +7118,7 @@ msgstr "" "búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -6903,7 +7127,7 @@ msgstr "" "cuando se localice el objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -6912,7 +7136,7 @@ msgstr "" "para la búsqueda como en la localización del objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -6921,12 +7145,12 @@ msgstr "" "librerías cliente LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -6935,7 +7159,7 @@ msgstr "" "servidores que usan el esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6953,7 +7177,7 @@ msgstr "" "llamadas getpw*() o initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6964,26 +7188,26 @@ msgstr "" "initgroups() aumentará los usuarios locales con los grupos LDAP adicionales." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "wildcard_limit (integer)" msgstr "ldap_opt_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7003,12 +7227,12 @@ msgstr "" "completos. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "OPCIONES SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7016,52 +7240,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "El objeto clase de una regla de entrada sudo en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "Por defecto: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "El atributo LDAP que corresponde a la regla nombre de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "El atributo LDAP que corresponde al nombre de comando." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "Por defecto: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -7070,17 +7294,17 @@ msgstr "" "red IP del host o grupo de red del host)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "Por defecto: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -7089,32 +7313,32 @@ msgstr "" "grupo o grupo de red del usuario)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "Por defecto: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "El atributo LDAP que corresponde a las opciones sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "Por defecto: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -7123,17 +7347,17 @@ msgstr "" "pueden ejecutar como." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "Por defectot: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7142,17 +7366,17 @@ msgstr "" "ejecutar comandos como." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "Por defecto: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -7161,17 +7385,17 @@ msgstr "" "regla sudo es válida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "Por defecto: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -7180,32 +7404,32 @@ msgstr "" "la regla sudo dejará de ser válida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "Por defecto: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "El atributo LDAP que corresponde al índice de ordenación de la regla." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "Por defecto: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7215,7 +7439,7 @@ msgstr "" "servidor)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7224,17 +7448,17 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "Por defecto: 21600 (6 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -7245,7 +7469,7 @@ msgstr "" "USBN más alto que el USN más alto de las reglas escondidas)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7254,12 +7478,12 @@ msgstr "" "atributo modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7268,12 +7492,12 @@ msgstr "" "máquina (usando las direcciones de host/red y nombres de host IPv4 o IPv6)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7282,7 +7506,7 @@ msgstr "" "totalmente cualificados que sería usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7291,8 +7515,8 @@ msgstr "" "nombre de dominio totalmente cualificado automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7301,17 +7525,17 @@ msgstr "" "emphasis> esta opción no tiene efecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "Por defecto: no especificado" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7320,7 +7544,7 @@ msgstr "" "usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7329,12 +7553,12 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "sudo_include_netgroups (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7343,12 +7567,12 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7357,7 +7581,7 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7370,87 +7594,87 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "OPCIONES AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "El objeto clase de una entrada de mapa de automontaje en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "El nombre de una entrada de mapa de automontaje en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -7459,24 +7683,24 @@ msgstr "" "normalmente a un punto de montaje." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7485,32 +7709,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "OPCIONES AVANZADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7519,22 +7743,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7543,14 +7767,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EJEMPLO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7561,7 +7785,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7574,27 +7798,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7610,13 +7834,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8094,7 +8318,7 @@ msgstr "" "grupos locales no serán evaluados." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -8957,7 +9181,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -9059,6 +9283,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." @@ -9069,12 +9301,12 @@ msgstr "" "proveedor IPA está configurada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "ipa_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." @@ -9083,12 +9315,12 @@ msgstr "" "se usa el nombre de configuración del dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "ipa_server, ipa_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -9104,12 +9336,12 @@ msgstr "" "sección <quote>SERVICE DISCOVERY</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "ipa_hostname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 #, fuzzy #| msgid "" #| "Optional. May be set on machines where the hostname(5) does not reflect " @@ -9124,12 +9356,12 @@ msgstr "" "host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -9139,7 +9371,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9149,7 +9381,7 @@ msgstr "" "fijado apropiadamente en /etc/krb5.conf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -9157,12 +9389,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9170,7 +9402,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -9178,17 +9410,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "Por defecto: 1200 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9197,7 +9429,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -9205,24 +9437,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9230,22 +9462,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -9257,12 +9489,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9270,86 +9502,86 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 #, fuzzy #| msgid "ipa_host_search_base (string)" msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_host_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 #, fuzzy #| msgid "" #| "Optional. Use the given string as search base for HBAC related objects." @@ -9361,109 +9593,94 @@ msgstr "" "relacionados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "Predeterminado: Utilizar DN base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "Opcional. Usa la cadena dada como base de búsqueda para los objetos HBAC " "relacionados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "Opcional. Usa la cadena dada como base de búsqueda para objetos host." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" -"Vea <quote>ldap_search_base</quote> para información sobre la configuración " -"de múltiples bases de búsqueda." - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "Predeterminado: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (cadena)Opcional. " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "Opcional. Usa la cadena dada como base de búsqueda para los mapas de usuario " "SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "Opcional: Usa la cadena dada como base de búsqueda de dominios de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Por defecto: el valor de <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "Opcional: Usa la cadena dada como base de búsqueda para el objeto maestro de " "dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "Por defecto: el valor de <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -9472,7 +9689,7 @@ msgstr "" "de <quote>ipa_domain</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -9481,39 +9698,39 @@ msgstr "" "convertido hacia la base DN para usarlo para llevar a cabo operaciones LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 #, fuzzy #| msgid "ipa_hbac_refresh (integer)" msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_hbac_refresh (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " @@ -9529,19 +9746,19 @@ msgstr "" "muchas peticiones de control de acceso hechas en un corto período." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "Predeterminado: 5 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 #, fuzzy #| msgid "ldap_sudo_full_refresh_interval (integer)" msgid "ipa_deskprofile_request_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " @@ -9556,19 +9773,19 @@ msgstr "" "muchas peticiones de control de acceso hechas en un corto período." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: 900 (15 minutes)" msgid "Default: 60 (minutes)" msgstr "Predeterminado: 900 (15 minutos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -9579,12 +9796,12 @@ msgstr "" "muchas peticiones de control de acceso hechas en un corto período." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -9595,192 +9812,214 @@ msgstr "" "hay muchas peticiones de acceso de usuario hechas en un corto período." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "La localización del automontador de este cliente IPA que será usada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "Por defecto: La localización llamada “default”" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -9790,12 +10029,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "PROVEEDOR DE SUBDOMINIOS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." @@ -9804,7 +10043,7 @@ msgstr "" "si está configurado explícitamente o implícitamente." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -9816,7 +10055,7 @@ msgstr "" "de IPA si es necesario." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -9828,7 +10067,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9839,7 +10078,7 @@ msgstr "" "Este ejemplo muestra sólo las opciones específicas del proveedor ipa." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -9881,7 +10120,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -9932,8 +10171,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -9943,20 +10190,25 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -9964,12 +10216,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "ad_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." @@ -9978,7 +10230,7 @@ msgstr "" "se suministra, se usa la configuración del nombre de dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." @@ -9987,19 +10239,19 @@ msgstr "" "minúscula de la versión larga del dominio Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -10007,7 +10259,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -10015,7 +10267,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -10023,19 +10275,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "ad_server, ad_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -10043,26 +10295,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "ad_hostname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -10073,7 +10325,7 @@ msgstr "" "identificar este host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." @@ -10082,12 +10334,12 @@ msgstr "" "Debe coincidir con el nombre del host desde que se envío la keytab." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -10098,12 +10350,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -10112,7 +10364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -10121,7 +10373,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -10130,14 +10382,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -10150,7 +10402,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -10159,7 +10411,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -10177,24 +10429,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -10203,7 +10455,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -10212,12 +10464,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -10227,14 +10479,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -10247,23 +10507,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -10271,22 +10531,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10294,12 +10554,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10307,14 +10567,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10322,7 +10582,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10334,78 +10594,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10413,7 +10673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10421,7 +10681,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10429,7 +10689,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10441,22 +10701,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10464,7 +10724,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10472,7 +10732,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10480,7 +10740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10492,22 +10752,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10515,14 +10775,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10530,7 +10790,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10542,17 +10802,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10560,14 +10820,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10575,7 +10835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10586,19 +10846,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10606,7 +10866,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10618,39 +10878,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10658,12 +10918,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10676,57 +10936,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10734,17 +10994,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10754,12 +11014,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10770,19 +11030,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10792,12 +11052,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Predeterminado: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10808,7 +11068,7 @@ msgstr "" "Este ejemplo muestra sólo las opciones específicas del proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10832,7 +11092,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10844,7 +11104,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10855,7 +11115,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10865,7 +11125,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -11259,33 +11519,89 @@ msgstr "" "los ficheros de registro se almacenan en <filename>/var/log/sssd</filename> " "y hay ficheros de registro separados para cada servicio y dominio SSSD." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:101 +#, fuzzy +#| msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" +"<emphasis>1</emphasis>: Agregar marca de tiempo a mensajes de depuración " + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +#, fuzzy +#| msgid "" +#| "Send the debug output to files instead of stderr. By default, the log " +#| "files are stored in <filename>/var/log/sssd</filename> and there are " +#| "separate log files for every SSSD service and domain." +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" +"Envía la salida de depuración a ficheros en lugar de a stderr. Por defecto, " +"los ficheros de registro se almacenan en <filename>/var/log/sssd</filename> " +"y hay ficheros de registro separados para cada servicio y dominio SSSD." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" +"<emphasis>1</emphasis>: Agregar marca de tiempo a mensajes de depuración " + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "Convertido en un demonio después de la puesta en marcha." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "Ejecutar en primer plano, no convertirse en un demonio." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -11299,27 +11615,27 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "Imprimir número de versión y salir." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "Señales" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "SIGTERM/SIGINT" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." @@ -11328,12 +11644,12 @@ msgstr "" "después para el monitor." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "SIGHUP" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -11344,12 +11660,12 @@ msgstr "" "registro con programas como logrotate." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -11358,12 +11674,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -11371,7 +11687,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -13980,7 +14296,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" @@ -16708,6 +17024,13 @@ msgstr "" msgid "ldap_group_external_member = ipaExternalMember" msgstr "" +#~ msgid "" +#~ "Determines if a domain can be enumerated. This parameter can have one of " +#~ "the following values:" +#~ msgstr "" +#~ "Determina si un dominio puede ser enumerado. Este parámetro puede tener " +#~ "uno de los siguientes valores:" + #~ msgid "" #~ "<command>sss_debuglevel</command> changes debug level of SSSD monitor and " #~ "providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " diff --git a/src/man/po/eu.po b/src/man/po/eu.po index 76129180429..f03daa3f083 100644 --- a/src/man/po/eu.po +++ b/src/man/po/eu.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2014-12-14 11:55-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/" @@ -293,9 +293,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -314,16 +314,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -348,8 +348,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -364,7 +364,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "" @@ -390,7 +390,7 @@ msgstr "" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -444,7 +444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "" @@ -464,12 +464,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -477,39 +477,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -633,12 +633,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -825,8 +826,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -902,7 +903,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "" @@ -957,12 +958,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "" @@ -1040,7 +1041,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "" @@ -1058,7 +1059,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "" @@ -1075,7 +1076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1145,7 +1146,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1279,12 +1280,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1299,23 +1300,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1326,96 +1334,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1423,59 +1431,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1484,61 +1492,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1546,7 +1554,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1555,17 +1563,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1573,26 +1581,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1602,74 +1610,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1677,19 +1685,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1697,12 +1705,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1710,58 +1718,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1772,24 +1780,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1799,22 +1807,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1822,68 +1830,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1894,7 +1902,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1905,24 +1913,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1930,12 +1938,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1944,24 +1952,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -1971,66 +1979,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2038,17 +2046,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2056,7 +2064,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2064,22 +2072,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2088,14 +2096,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2104,38 +2112,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2144,46 +2152,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2191,18 +2208,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2211,39 +2230,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2252,19 +2271,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2275,151 +2294,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2427,24 +2446,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2453,17 +2472,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2472,33 +2491,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2506,8 +2525,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2516,8 +2535,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2525,19 +2544,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2546,7 +2565,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2554,22 +2573,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2581,7 +2600,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2589,19 +2608,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2609,7 +2628,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2617,30 +2636,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2648,19 +2667,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2669,7 +2688,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2677,29 +2696,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2707,7 +2726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2715,35 +2734,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2751,32 +2770,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2786,13 +2805,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2800,7 +2828,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2808,31 +2836,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2840,7 +2868,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2849,17 +2877,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2867,36 +2895,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2904,7 +2939,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2912,7 +2947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2920,24 +2955,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2945,12 +2980,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2960,7 +2995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2969,29 +3004,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2999,7 +3034,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3007,66 +3042,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3075,77 +3110,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3153,7 +3188,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3161,17 +3196,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3179,34 +3214,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3214,32 +3249,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3249,34 +3284,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3284,20 +3319,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +msgid "auto_private_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3305,29 +3376,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3335,12 +3406,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3349,12 +3420,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3362,19 +3433,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3391,7 +3462,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3399,17 +3470,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3418,7 +3489,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3428,7 +3499,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3448,12 +3519,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3461,73 +3532,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3535,17 +3606,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3554,17 +3625,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3572,17 +3643,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3590,17 +3661,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3611,64 +3682,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3698,7 +3769,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3707,7 +3778,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3715,7 +3786,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3763,7 +3834,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -3864,7 +3935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4065,7 +4136,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4143,7 +4214,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4162,7 +4233,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4172,14 +4243,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "" @@ -4511,7 +4582,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4574,8 +4645,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" @@ -4590,7 +4661,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4720,105 +4791,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4826,34 +4907,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4861,7 +4942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4871,7 +4952,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4881,17 +4962,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4899,14 +4980,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4914,7 +4995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4923,12 +5004,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4936,168 +5017,268 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" +#: sssd-ldap.5.xml:1216 +msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +msgid "ldap_host_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +msgid "ldap_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +msgid "Default: fqdn" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_host_serverhostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +msgid "Default: serverHostname" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +msgid "ldap_host_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +msgid "ldap_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +msgid "ldap_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +msgid "ldap_host_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5105,7 +5286,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5113,12 +5294,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5126,12 +5307,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5142,12 +5323,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5156,12 +5337,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5170,34 +5351,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5205,14 +5386,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5220,17 +5401,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5240,12 +5421,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5253,17 +5434,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5271,13 +5452,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5286,7 +5467,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5294,26 +5475,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5321,7 +5502,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5329,7 +5510,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5337,41 +5518,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5380,32 +5561,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5413,24 +5594,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5438,17 +5619,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5459,29 +5640,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5490,17 +5671,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5508,49 +5689,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5558,27 +5739,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5590,7 +5771,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5598,7 +5779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5606,39 +5787,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5648,7 +5829,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5656,26 +5837,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5683,7 +5864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5691,31 +5872,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5724,56 +5905,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5789,12 +5970,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5803,14 +5984,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5819,24 +6000,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5844,19 +6025,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5865,7 +6046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5873,7 +6054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5882,7 +6063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5890,22 +6071,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5915,14 +6096,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5935,12 +6116,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5950,7 +6131,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5960,63 +6141,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6025,74 +6206,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6103,7 +6284,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6111,24 +6292,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6143,12 +6324,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6156,208 +6337,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6365,101 +6546,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6468,111 +6649,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6581,32 +6762,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6615,22 +6796,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6639,14 +6820,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6654,7 +6835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6667,27 +6848,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6703,13 +6884,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7115,7 +7296,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -7965,7 +8146,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8056,30 +8237,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8089,12 +8278,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8102,12 +8291,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8117,14 +8306,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8132,12 +8321,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8145,7 +8334,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8153,17 +8342,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8172,7 +8361,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8180,24 +8369,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8205,22 +8394,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8232,12 +8421,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8245,228 +8434,215 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8474,34 +8650,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -8509,12 +8685,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8522,192 +8698,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8717,19 +8915,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8737,7 +8935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8749,7 +8947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8757,7 +8955,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8793,7 +8991,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8841,8 +9039,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8850,20 +9056,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -8871,38 +9082,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -8910,7 +9121,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -8918,7 +9129,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -8926,19 +9137,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -8946,26 +9157,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -8973,19 +9184,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8996,12 +9207,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9010,7 +9221,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9019,7 +9230,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9028,14 +9239,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9048,7 +9259,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9057,7 +9268,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9075,24 +9286,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9101,7 +9312,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9110,12 +9321,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9125,14 +9336,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9145,23 +9364,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9169,22 +9388,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9192,12 +9411,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9205,14 +9424,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9220,7 +9439,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9232,78 +9451,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9311,7 +9530,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9319,7 +9538,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9327,7 +9546,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9339,22 +9558,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9362,7 +9581,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9370,7 +9589,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9378,7 +9597,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9390,22 +9609,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9413,14 +9632,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9428,7 +9647,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9440,17 +9659,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9458,14 +9677,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9473,7 +9692,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9484,19 +9703,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9504,7 +9723,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9516,39 +9735,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9556,12 +9775,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9574,57 +9793,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9632,17 +9851,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9652,12 +9871,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9668,19 +9887,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9690,12 +9909,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9703,7 +9922,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9718,7 +9937,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9727,7 +9946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9735,7 +9954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9745,7 +9964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10055,33 +10274,73 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:101 +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10090,39 +10349,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10130,12 +10389,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10144,12 +10403,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10157,7 +10416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12515,7 +12774,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" diff --git a/src/man/po/fi.po b/src/man/po/fi.po index 74dfb431c5b..9b232cf661a 100644 --- a/src/man/po/fi.po +++ b/src/man/po/fi.po @@ -3,7 +3,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2017-03-24 08:46-0400\n" "Last-Translator: Toni Rantala <trantalafilo@gmail.com>\n" "Language-Team: Finnish\n" @@ -288,9 +288,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Oletus:tosi" @@ -309,16 +309,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Oletus:epätosi" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -343,8 +343,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -359,7 +359,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "" @@ -385,7 +385,7 @@ msgstr "palvelut" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -439,7 +439,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "" @@ -459,12 +459,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -472,39 +472,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "käyttäjänimi" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -628,12 +628,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "Oletus: ei asetettu" @@ -820,8 +821,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -897,7 +898,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "" @@ -952,12 +953,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "" @@ -1035,7 +1036,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "" @@ -1053,7 +1054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "" @@ -1070,7 +1071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1140,7 +1141,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1274,12 +1275,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1294,23 +1295,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1321,96 +1329,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1418,59 +1426,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1479,61 +1487,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1541,7 +1549,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1550,17 +1558,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1568,26 +1576,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1597,74 +1605,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1672,19 +1680,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1692,12 +1700,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1705,58 +1713,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1767,26 +1775,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 #, fuzzy #| msgid "debug_level (integer)" msgid "sudo_threshold (integer)" msgstr "debug_level (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1796,22 +1804,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1819,68 +1827,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1891,7 +1899,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1902,24 +1910,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1927,12 +1935,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1941,24 +1949,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -1968,68 +1976,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: not set" msgid "Default: \"none\"" msgstr "Oletus: ei asetettu" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2037,17 +2045,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2055,7 +2063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2063,22 +2071,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2087,14 +2095,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2103,38 +2111,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2143,46 +2151,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2190,18 +2207,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2210,39 +2229,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2251,19 +2270,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2274,151 +2293,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2426,24 +2445,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2452,17 +2471,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2471,33 +2490,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2505,8 +2524,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2515,8 +2534,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2524,19 +2543,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2545,7 +2564,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2553,22 +2572,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2580,7 +2599,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2588,19 +2607,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2608,7 +2627,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2616,30 +2635,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2647,19 +2666,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2668,7 +2687,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2676,29 +2695,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2706,7 +2725,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2714,35 +2733,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2750,32 +2769,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2785,13 +2804,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2799,7 +2827,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2807,31 +2835,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2839,7 +2867,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2848,17 +2876,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2866,36 +2894,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2903,7 +2938,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2911,7 +2946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2919,24 +2954,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2944,12 +2979,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2959,7 +2994,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2968,29 +3003,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2998,7 +3033,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3006,66 +3041,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3074,77 +3109,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3152,7 +3187,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3160,17 +3195,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3178,34 +3213,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3215,32 +3250,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Esimerkki: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3250,34 +3285,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3285,20 +3320,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +msgid "auto_private_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3306,29 +3377,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3336,12 +3407,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3350,12 +3421,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3363,19 +3434,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3392,7 +3463,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3400,17 +3471,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3419,7 +3490,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3429,7 +3500,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3449,12 +3520,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3462,73 +3533,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3536,17 +3607,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3555,17 +3626,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3573,17 +3644,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3591,17 +3662,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3612,64 +3683,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3699,7 +3770,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3708,7 +3779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3716,7 +3787,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3764,7 +3835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -3865,7 +3936,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4066,7 +4137,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4144,7 +4215,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4163,7 +4234,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4173,14 +4244,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "" @@ -4512,7 +4583,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4575,8 +4646,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" @@ -4591,7 +4662,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4723,105 +4794,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4829,34 +4910,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4864,7 +4945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4874,7 +4955,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4884,17 +4965,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4902,14 +4983,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4917,7 +4998,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4926,12 +5007,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4939,168 +5020,272 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" +#: sssd-ldap.5.xml:1216 +msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +msgid "ldap_host_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +msgid "ldap_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: false" +msgid "Default: fqdn" +msgstr "Oletus:epätosi" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_host_serverhostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: not set" +msgid "Default: serverHostname" +msgstr "Oletus: ei asetettu" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +msgid "ldap_host_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +msgid "ldap_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +msgid "ldap_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +msgid "ldap_host_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5108,7 +5293,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5116,12 +5301,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5129,12 +5314,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5145,12 +5330,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5159,12 +5344,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5173,34 +5358,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5208,14 +5393,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5223,17 +5408,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5243,12 +5428,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5256,17 +5441,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5274,13 +5459,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5289,7 +5474,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5297,26 +5482,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5324,7 +5509,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5332,7 +5517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5340,41 +5525,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5383,32 +5568,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5416,24 +5601,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5441,17 +5626,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5462,29 +5647,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5493,17 +5678,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5511,49 +5696,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5561,27 +5746,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5593,7 +5778,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5601,7 +5786,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5609,39 +5794,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5651,7 +5836,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5659,26 +5844,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5686,7 +5871,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5694,31 +5879,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5727,56 +5912,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5792,12 +5977,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5806,14 +5991,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5822,24 +6007,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5847,19 +6032,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5868,7 +6053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5876,7 +6061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5885,7 +6070,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5893,22 +6078,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5918,14 +6103,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5938,12 +6123,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5953,7 +6138,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5963,63 +6148,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6028,74 +6213,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6106,7 +6291,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6114,26 +6299,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "wildcard_limit (integer)" msgstr "enum_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6148,12 +6333,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6161,208 +6346,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6370,101 +6555,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6473,111 +6658,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6586,32 +6771,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6620,22 +6805,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6644,14 +6829,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6659,7 +6844,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6672,27 +6857,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6708,13 +6893,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7120,7 +7305,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -7970,7 +8155,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8061,30 +8246,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8094,12 +8287,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8107,12 +8300,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8122,14 +8315,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8137,12 +8330,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8150,7 +8343,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8158,17 +8351,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8177,7 +8370,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8185,24 +8378,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8210,22 +8403,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8237,12 +8430,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8250,228 +8443,215 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8479,36 +8659,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: not set" msgid "Default: 60 (minutes)" msgstr "Oletus: ei asetettu" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -8516,12 +8696,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8529,192 +8709,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8724,19 +8926,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8744,7 +8946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8756,7 +8958,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8764,7 +8966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8800,7 +9002,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8848,8 +9050,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8857,20 +9067,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -8878,38 +9093,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -8917,7 +9132,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -8925,7 +9140,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -8933,19 +9148,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -8953,26 +9168,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -8980,19 +9195,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9003,12 +9218,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9017,7 +9232,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9026,7 +9241,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9035,14 +9250,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9055,7 +9270,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9064,7 +9279,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9082,24 +9297,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9108,7 +9323,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9117,12 +9332,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9132,14 +9347,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9152,23 +9375,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9176,22 +9399,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9199,12 +9422,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9212,14 +9435,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9227,7 +9450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9239,78 +9462,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9318,7 +9541,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9326,7 +9549,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9334,7 +9557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9346,22 +9569,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9369,7 +9592,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9377,7 +9600,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9385,7 +9608,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9397,22 +9620,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9420,14 +9643,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9435,7 +9658,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9447,17 +9670,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9465,14 +9688,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9480,7 +9703,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9491,19 +9714,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9511,7 +9734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9523,39 +9746,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9563,12 +9786,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9581,57 +9804,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9639,17 +9862,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9659,12 +9882,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9675,19 +9898,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9697,12 +9920,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9710,7 +9933,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9725,7 +9948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9734,7 +9957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9742,7 +9965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9752,7 +9975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10062,33 +10285,73 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:101 +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10097,39 +10360,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10137,12 +10400,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10151,12 +10414,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10164,7 +10427,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12522,7 +12785,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" diff --git a/src/man/po/fr.po b/src/man/po/fr.po index f7309b1d142..5e0a58defa8 100644 --- a/src/man/po/fr.po +++ b/src/man/po/fr.po @@ -16,7 +16,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2016-03-19 03:04-0400\n" "Last-Translator: Jean-Baptiste Holcroft <jean-baptiste@holcroft.fr>\n" "Language-Team: French (http://www.transifex.com/projects/p/sssd/language/" @@ -340,9 +340,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Par défaut : true" @@ -364,16 +364,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Par défaut : false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -398,8 +398,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Par défaut : 10" @@ -414,7 +414,7 @@ msgid "The [sssd] section" msgstr "La section [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "Paramètres de sections" @@ -442,7 +442,7 @@ msgstr "services" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -503,7 +503,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "re_expression (chaîne)" @@ -525,12 +525,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "full_name_format (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -542,33 +542,33 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "nom d'utilisateur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" "nom de domaine tel qu'indiqué dans le fichier de configuration de SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -578,7 +578,7 @@ msgstr "" "d'approbation IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -736,12 +736,13 @@ msgstr "" "use_fully_qualified_names à False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "Par défaut : non défini" @@ -934,8 +935,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "Par défaut : non défini" @@ -1026,7 +1027,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "Par défaut : 60" @@ -1081,12 +1082,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "Par défaut : 300" @@ -1181,7 +1182,7 @@ msgstr "" "de non réponse à moins de 10 secondes (0 pour désactiver l'option)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "Par défaut : 50" @@ -1203,7 +1204,7 @@ msgstr "" "appel au moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "Par défaut : 15" @@ -1220,7 +1221,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "Par défaut : 0" @@ -1298,7 +1299,7 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exemple : <placeholder type=\"programlisting\" id=\"0\"/>" @@ -1464,12 +1465,12 @@ msgstr "" "nécessaire, habituellement /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1486,23 +1487,30 @@ msgstr "memcache_timeout (int)" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1513,48 +1521,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "Par défaut : non défini, repli sur l'option InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Cette option peut aussi être définie pour chaque domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "Options de configuration de PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1563,12 +1571,12 @@ msgstr "" "Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1578,17 +1586,17 @@ msgstr "" "connexion réussie)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "Par défaut : 0 (pas de limite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1597,12 +1605,12 @@ msgstr "" "échouées sont autorisées." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1612,7 +1620,7 @@ msgstr "" "soit possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1623,17 +1631,17 @@ msgstr "" "connexion réussie en ligne peut réactiver l'authentification." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "Par défaut : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1643,44 +1651,44 @@ msgstr "" "affichés sera important." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "Actuellement sssd supporte les valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis> : ne pas afficher de message" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis> : afficher les messages d'information" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis> : afficher tous les messages et informations de " "débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "Par défaut : 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1689,61 +1697,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1755,7 +1763,7 @@ msgstr "" "les dernières informations." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1769,17 +1777,17 @@ msgstr "" "fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "Afficher une alerte N jours avant l'expiration du mot de passe." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1790,7 +1798,7 @@ msgstr "" "ne peut afficher de message d'alerte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1800,7 +1808,7 @@ msgstr "" "sera automatiquement affiché." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1809,12 +1817,12 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> pour un domaine particulier." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1824,37 +1832,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "pam_public_domains (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" "Deux valeurs spéciales pour l'option pam_public_domains sont définies :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" @@ -1862,7 +1870,7 @@ msgstr "" "à tous les domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -1871,32 +1879,32 @@ msgstr "" "autorisés à accéder à un des domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "Par défaut : aucun" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1904,19 +1912,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1924,12 +1932,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1937,58 +1945,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Par défaut : False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "Options de configuration de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2005,12 +2013,12 @@ msgstr "" "sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "sudo_timed (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2019,14 +2027,14 @@ msgstr "" "les entrées sudoers sensibles au temps." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "sudo_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2036,22 +2044,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "Options de configuration AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "Ces options peuvent être utilisées pour configurer le service autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2063,23 +2071,23 @@ msgstr "" "moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "Options de configuration SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le service SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2087,12 +2095,12 @@ msgstr "" "Condenser ou non les noms de systèmes et adresses du fichier known_hosts" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2101,34 +2109,34 @@ msgstr "" "known_hosts géré après que ses clés de système ont été demandés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "Par défaut : 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "Options de configuration du répondeur PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2139,7 +2147,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2150,7 +2158,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2159,19 +2167,19 @@ msgstr "" "ajouté à ces groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le répondeur " "PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2182,14 +2190,14 @@ msgstr "" "seront résolus en UID au démarrage." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Par défaut : 0 (seul l'utilisateur root est autorisé à accéder au répondeur " "PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2202,26 +2210,26 @@ msgstr "" "0 à la liste des UID d'utilisateurs autorisés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 #, fuzzy #| msgid "PAC responder configuration options" msgid "Session recording configuration options" msgstr "Options de configuration du répondeur PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 #, fuzzy #| msgid "" #| "This manual page describes the configuration of the AD provider for " @@ -2245,38 +2253,38 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 #, fuzzy #| msgid "These options can be used to configure any service." msgid "These options can be used to configure session recording." msgstr "Ces options peuvent être utilisées pour configurer les services." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 #, fuzzy #| msgid "user (string)" msgid "scope (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 #, fuzzy #| msgid "none" msgid "\"none\"" msgstr "none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 #, fuzzy #| msgid "" #| "Append this user to groups specified by the <replaceable>GROUPS</" @@ -2291,17 +2299,17 @@ msgstr "" "replaceable> est une liste séparée par des virgules de noms de groupes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder type=\"variablelist" @@ -2314,21 +2322,21 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: none" msgid "Default: \"none\"" msgstr "Par défaut : aucun" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 #, fuzzy #| msgid "user (string)" msgid "users (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2336,21 +2344,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. Matches no users." msgstr "Par défaut : vide, ldap_uri est donc utilisé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 #, fuzzy #| msgid "user (string)" msgid "groups (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2358,7 +2366,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2366,22 +2374,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "SECTIONS DOMAINES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2390,14 +2398,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2406,31 +2414,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2439,7 +2447,7 @@ msgstr "" "dehors de ces limites, elle est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2452,7 +2460,7 @@ msgstr "" "qui sont dans la plage seront rapportés comme prévu." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2461,41 +2469,57 @@ msgstr "" "pas seulement leur recherche par nom ou identifiant." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Default: 1 for min_id, 0 (no limit) for max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "enumerate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" -"Détermine si un domaine peut être énuméré. Ce paramètre peut avoir une des " -"valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = utilisateurs et groupes sont énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = aucune énumération pour ce domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "Par défaut : FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 +#, fuzzy +#| msgid "" +#| "Note: Enabling enumeration has a moderate performance impact on SSSD " +#| "while enumeration is running. It may take up to several minutes after " +#| "SSSD startup to fully complete enumerations. During this time, " +#| "individual requests for information will go directly to LDAP, though it " +#| "may be slow, due to the heavy enumeration processing. Saving a large " +#| "number of entries to cache after the enumeration completes might also be " +#| "CPU intensive as the memberships have to be recomputed." msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2503,7 +2527,9 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" "Note : activer l'énumération a un impact modéré sur les performances de SSSD " "lorsque l'énumération est en cours. Plusieurs minutes peuvent être " @@ -2516,7 +2542,7 @@ msgstr "" "être recalculées." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2526,7 +2552,7 @@ msgstr "" "l'énumération ne se termine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2540,7 +2566,7 @@ msgstr "" "fournisseur d'identité spécifique utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2549,32 +2575,32 @@ msgstr "" "déconseillée, surtout dans les environnements de grande taille." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "Tous les domaines approuvés découverts seront énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "Aucun domaine approuvé découvert ne sera énuméré" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2588,12 +2614,12 @@ msgstr "" "activer l'énumération pour ces seuls domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2602,7 +2628,7 @@ msgstr "" "comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2620,17 +2646,17 @@ msgstr "" "rafraîchissement des entrées qui sont déjà en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "Par défaut : 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2639,19 +2665,19 @@ msgstr "" "d'utilisateurs comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "Par défaut : entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2660,12 +2686,12 @@ msgstr "" "groupes comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2674,12 +2700,12 @@ msgstr "" "netgroup comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2688,12 +2714,12 @@ msgstr "" "service valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -2702,12 +2728,12 @@ msgstr "" "valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -2716,12 +2742,12 @@ msgstr "" "cartes d'automontage comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -2730,12 +2756,12 @@ msgstr "" "rafraichissement. I.e. combien de temps mettre la clé en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -2745,48 +2771,48 @@ msgstr "" "enregistrements expirés ou sur le point de l'être." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Il est envisageable de configurer cette valeur à 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Par défaut : 0 (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "cache_credentials (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Détermine si les données d'identification de l'utilisateur sont aussi mis en " "cache dans le cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Les informations d'identification utilisateur sont stockées dans une table " "de hachage SHA512, et non en texte brut" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2794,24 +2820,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "Par défaut : 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2824,17 +2850,17 @@ msgstr "" "paramètre doit être supérieur ou égal à offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "Par défaut : 0 (illimité)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2847,17 +2873,17 @@ msgstr "" "fournisseur oauth doit être configuré pour le moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "id_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -2865,18 +2891,18 @@ msgstr "" "d'identification pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "<quote>proxy</quote> : prise en charge de l'ancien fournisseur NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" "<quote>local</quote> : Fournisseur interne SSSD pour les utilisateurs locaux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2888,8 +2914,8 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2902,8 +2928,8 @@ msgstr "" "configuration de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2915,12 +2941,12 @@ msgstr "" "d'Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -2930,7 +2956,7 @@ msgstr "" "communiqué à NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2944,7 +2970,7 @@ msgstr "" "trouve." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2956,22 +2982,22 @@ msgstr "" "qualifié sera demandé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "Par défaut : false (true si default_domain_suffix est utilisée)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "Ne pas envoyer les membres des groupes sur les recherches de groupes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2983,7 +3009,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2991,12 +3017,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "auth_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3005,7 +3031,7 @@ msgstr "" "pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3017,7 +3043,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3028,7 +3054,7 @@ msgstr "" "citerefentry> pour plus d'informations sur la configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -3036,12 +3062,12 @@ msgstr "" "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> désactive l'authentification explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3050,12 +3076,12 @@ msgstr "" "gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "access_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3066,7 +3092,7 @@ msgstr "" "installés). Les fournisseurs internes spécifiques sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3075,12 +3101,12 @@ msgstr "" "d'accès autorisé pour un domaine local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> toujours refuser les accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3093,7 +3119,7 @@ msgstr "" "d'informations sur la configuration du module d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3101,22 +3127,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "Par défaut : <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "chpass_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3125,7 +3151,7 @@ msgstr "" "domaine. Les fournisseurs pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3133,7 +3159,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3145,7 +3171,7 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3153,14 +3179,14 @@ msgstr "" "autre cible PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> pour désactiver explicitement le changement de mot de " "passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3169,19 +3195,19 @@ msgstr "" "peut gérer les changements de mot de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "sudo_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en " "charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3193,7 +3219,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3202,7 +3228,7 @@ msgstr "" "par défaut pour IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3211,20 +3237,20 @@ msgstr "" "par défaut pour AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> désactive explicitement SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle " "est définie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3234,13 +3260,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "selinux_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3251,7 +3286,7 @@ msgstr "" "fournisseur d'accès. Les fournisseurs selinux pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3263,14 +3298,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> n'autorise pas la récupération explicite des paramètres " "selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3279,12 +3314,12 @@ msgstr "" "gérer le chargement selinux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "subdomains_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3294,7 +3329,7 @@ msgstr "" "fournisseurs de sous-domaine pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3306,7 +3341,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3315,20 +3350,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> désactive la récupération explicite des sous-domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 #, fuzzy #| msgid "selinux_provider (string)" msgid "session_provider (string)" msgstr "selinux_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3336,18 +3371,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 #, fuzzy #| msgid "" #| "Default: <quote>id_provider</quote> is used if it is set and can handle " @@ -3359,13 +3394,20 @@ msgstr "" "Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut " "gérer le chargement selinux" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "autofs_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3373,7 +3415,7 @@ msgstr "" "en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3385,7 +3427,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3397,7 +3439,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3405,17 +3447,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> désactive explicitement autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "hostid_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3424,7 +3466,7 @@ msgstr "" "systèmes. Les fournisseurs de hostid pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3436,12 +3478,12 @@ msgstr "" "configuration de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> désactive explicitement hostid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3457,7 +3499,7 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3470,22 +3512,22 @@ msgstr "" "styles différents pour les noms d'utilisateurs :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3495,7 +3537,7 @@ msgstr "" "utilisateurs de domaines Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3506,7 +3548,7 @@ msgstr "" "importe le domaine après »" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3518,7 +3560,7 @@ msgstr "" "prendre en charge les sous-motifs nommés multiples." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -3527,17 +3569,17 @@ msgstr "" "la syntaxe Python (?P<name>) pour nommer les sous-motifs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Par défaut : <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "lookup_family_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3546,48 +3588,48 @@ msgstr "" "utiliser pour effectuer les requêtes DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "Valeurs prises en charge :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first : essayer de chercher une adresse IPv4, et en cas d'échec, " "essayer IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first : essayer de chercher une adresse IPv6, et en cas d'échec, tenter " "IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "Par défaut : ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 #, fuzzy #| msgid "" #| "Defines the amount of time (in seconds) to wait for a reply from the DNS " @@ -3604,25 +3646,25 @@ msgstr "" "domaine continuera à opérer en mode déconnecté." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Par défaut : 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3631,54 +3673,54 @@ msgstr "" "du domaine faisant partie de la requête DNS de découverte de services." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Par défaut : utiliser la partie du domaine qui est dans le nom de système de " "la machine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "override_gid (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "Redéfinit le GID primaire avec la valeur spécifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "case_sensitive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "Insensible à la casse." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3690,7 +3732,7 @@ msgstr "" "sortie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3698,17 +3740,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "Par défaut : true (false pour le fournisseur AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3716,34 +3758,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3753,32 +3795,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "nom plat (NetBIOS) d'un sous-domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3794,7 +3836,7 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -3802,17 +3844,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Par défaut : <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "realmd_tags (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -3820,12 +3862,12 @@ msgstr "" "ce domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3833,20 +3875,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +#, fuzzy +#| msgid "autofs_provider (string)" +msgid "auto_private_groups (string)" +msgstr "autofs_provider (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3858,17 +3938,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "Le proxy cible duquel PAM devient mandataire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3877,12 +3957,12 @@ msgstr "" "ou en créer une nouvelle et ajouter le nom de service ici." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3893,12 +3973,12 @@ msgstr "" "$(libName)_$(function), par exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3912,12 +3992,12 @@ msgstr "" "afin d'améliorer les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3925,7 +4005,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -3934,12 +4014,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3956,7 +4036,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3964,17 +4044,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3983,7 +4063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3993,7 +4073,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -4013,12 +4093,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "La section du domaine local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4029,29 +4109,29 @@ msgstr "" "dire un domaine qui utilise <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "default_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "L'interpréteur de commandes par défaut pour les utilisateurs créés avec les " "outils en espace utilisateur SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "Par défaut : <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "base_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4060,17 +4140,17 @@ msgstr "" "replaceable> et l'utilisent comme dossier personnel." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "Par défaut : <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "create_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4079,17 +4159,17 @@ msgstr "" "utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "Par défaut : TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "remove_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4098,12 +4178,12 @@ msgstr "" "suppression des utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "homedir_umask (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4114,17 +4194,17 @@ msgstr "" "défaut sur un répertoire personnel nouvellement créé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "Par défaut : 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "skel_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4137,17 +4217,17 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "Par défaut : <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "mail_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4158,17 +4238,17 @@ msgstr "" "précisé, la valeur par défaut est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "Par défaut : <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "userdel_cmd (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4179,17 +4259,17 @@ msgstr "" "code en retour de la commande n'est pas pris en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "Par défaut : None, aucune commande lancée" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4200,64 +4280,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -4311,7 +4391,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 #, fuzzy #| msgid "" #| "The following example shows a typical SSSD config. It does not describe " @@ -4330,7 +4410,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4338,7 +4418,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4400,7 +4480,7 @@ msgstr "" "en tant que fournisseur d'accès." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -4522,7 +4602,7 @@ msgstr "" "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exemples :" @@ -4754,7 +4834,7 @@ msgstr "" "L'attribut LDAP correspondant à l'id du groupe primaire de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "Par défaut : gidNumber" @@ -4835,7 +4915,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4858,7 +4938,7 @@ msgstr "" "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4868,7 +4948,7 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -4877,7 +4957,7 @@ msgstr "" "l'objet parent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "Par défaut : modifyTimestamp" @@ -5271,7 +5351,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "Par défaut : sshPublicKey" @@ -5343,8 +5423,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'attribut LDAP correspondant au nom complet de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Par défaut : cn" @@ -5360,7 +5440,7 @@ msgstr "" "L'attribut LDAP énumérant les groupes auquel appartient un utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "Par défaut : memberOf" @@ -5534,81 +5614,91 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "La classe d'objet d'une entrée de groupe dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "Par défaut : posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "ldap_group_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "L'attribut LDAP correspondant au nom du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "L'attribut LDAP correspondant à l'identifiant de groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "ldap_group_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "L'attribut LDAP contenant les noms des membres du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Par défaut : memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -5617,17 +5707,17 @@ msgstr "" "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." @@ -5636,7 +5726,7 @@ msgstr "" "voire d'autres indicateurs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5647,34 +5737,34 @@ msgstr "" "hors des domaines approuvés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5686,7 +5776,7 @@ msgstr "" "schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5696,7 +5786,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5706,17 +5796,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "Par défaut : 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5728,7 +5818,7 @@ msgstr "" "complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." @@ -5738,7 +5828,7 @@ msgstr "" "imbrications très complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5749,7 +5839,7 @@ msgstr "" "essentiellement « auto-detect »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5762,12 +5852,12 @@ msgstr "" "documentation de MSDN(TM)</ulink> pour plus de détails." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5779,7 +5869,7 @@ msgstr "" "complexes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -5789,76 +5879,76 @@ msgstr "" "2008 et versions ultérieures." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objet d'une entrée de netgroup dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "Pour un fournisseur IPA, ipa_netgroup_object_class doit être utilisé à la " "place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "Par défaut : nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'attribut LDAP correspondant au nom du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_name doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'attribut LDAP contenant les noms des membres du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_member doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "Par défaut : memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -5866,42 +5956,179 @@ msgstr "" "netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "Cette option n'est pas disponible dans le fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "Par défaut : nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" -msgstr "ldap_service_object_class (chaîne)" +#: sssd-ldap.5.xml:1216 +#, fuzzy +#| msgid "ldap_user_object_class (string)" +msgid "ldap_host_object_class (string)" +msgstr "ldap_user_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." -msgstr "La classe d'objet d'une entrée de service LDAP." +#: sssd-ldap.5.xml:1219 +#, fuzzy +#| msgid "The object class of a user entry in LDAP." +msgid "The object class of a host entry in LDAP." +msgstr "La classe d'objet d'une entrée utilisateur dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "Par défaut : ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +#, fuzzy +#| msgid "ad_hostname (string)" +msgid "ldap_host_name (string)" +msgstr "ad_hostname (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the group name." +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "L'attribut LDAP correspondant au nom du groupe." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +#, fuzzy +#| msgid "ldap_pwdlockout_dn (string)" +msgid "ldap_host_fqdn (string)" +msgstr "ldap_pwdlockout_dn (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the user's full name." +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "L'attribut LDAP correspondant au nom complet de l'utilisateur." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: fqdn" +msgstr "Par défaut : cn" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +#, fuzzy +#| msgid "ldap_dns_service_name (string)" +msgid "ldap_host_serverhostname (string)" +msgstr "ldap_dns_service_name (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: sudoHost" +msgid "Default: serverHostname" +msgstr "Par défaut : sudoHost" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +#, fuzzy +#| msgid "ldap_user_member_of (string)" +msgid "ldap_host_member_of (string)" +msgstr "ldap_user_member_of (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +#, fuzzy +#| msgid "The LDAP attribute that lists the user's group memberships." +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" +"L'attribut LDAP énumérant les groupes auquel appartient un utilisateur." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +#, fuzzy +#| msgid "ipa_host_search_base (string)" +msgid "ldap_host_search_base (string)" +msgstr "ipa_host_search_base (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" +"Facultatif. Utiliser la chaîne donnée comme base de recherche pour héberger " +"des objets." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" +"Cf. <quote>ldap_search_base</quote> pour plus d'informations sur la " +"configuration des bases de recherche multiples." + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +#, fuzzy +#| msgid "ldap_user_ssh_public_key (string)" +msgid "ldap_host_ssh_public_key (string)" +msgstr "ldap_user_ssh_public_key (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +#, fuzzy +#| msgid "The LDAP attribute that contains the user's SSH public keys." +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'utilisateur." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +#, fuzzy +#| msgid "ldap_user_uuid (string)" +msgid "ldap_host_uuid (string)" +msgstr "ldap_user_uuid (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +#, fuzzy +#| msgid "The LDAP attribute that contains the port managed by this service." +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "L'attribut LDAP qui contient le port géré par ce service." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "ldap_service_object_class (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "La classe d'objet d'une entrée de service LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "ldap_service_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -5910,48 +6137,48 @@ msgstr "" "alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "ldap_service_port (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "L'attribut LDAP qui contient le port géré par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "Par défaut : ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "L'attribut LDAP qui contient les protocoles compris par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "Par défaut : ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5962,7 +6189,7 @@ msgstr "" "activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5973,12 +6200,12 @@ msgstr "" "différents types de recherches." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5989,12 +6216,12 @@ msgstr "" "résultats mis en cache (et activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6011,12 +6238,12 @@ msgstr "" "citerefentry> rendent la main en cas d'inactivité." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6025,12 +6252,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6043,17 +6270,17 @@ msgstr "" "courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6062,17 +6289,17 @@ msgstr "" "Certains serveurs LDAP imposent une limite maximale par requête." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "Par défaut : 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6084,7 +6311,7 @@ msgstr "" "correctement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6094,7 +6321,7 @@ msgstr "" "sera impossible de l'utiliser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6105,17 +6332,17 @@ msgstr "" "cela peut entraîner l'échec de certaines demandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "Désactiver la récupération de plage Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6131,12 +6358,12 @@ msgstr "" "apparaissant ainsi sans aucun membre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6147,19 +6374,19 @@ msgstr "" "de cette option sont définies par OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Par défaut : Utiliser la valeur par défaut du système (généralement spécifié " "par ldap.conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6170,7 +6397,7 @@ msgstr "" "membres manquants est inférieur, ils sont recherchés individuellement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -6178,7 +6405,7 @@ msgstr "" "affectant la valeur 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6191,7 +6418,7 @@ msgstr "" "acceptés sont 389/RHDS, OpenLDAP et Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6202,12 +6429,12 @@ msgstr "" "déréférencement est désactivée indépendamment de ce paramètre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6216,7 +6443,7 @@ msgstr "" "session TLS, si elle existe. Une des valeurs suivantes est utilisable :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6225,7 +6452,7 @@ msgstr "" "quelconque certificat du serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6236,7 +6463,7 @@ msgstr "" "certificat est fourni, il est ignoré et la session continue normalement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6247,7 +6474,7 @@ msgstr "" "certificat est fourni, la session se termine immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6258,22 +6485,22 @@ msgstr "" "immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> : identique à <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "Par défaut : hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6282,7 +6509,7 @@ msgstr "" "certification que <command>sssd</command> reconnaîtra." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6291,12 +6518,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6310,32 +6537,32 @@ msgstr "" "corrects." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Définit le fichier qui contient le certificat pour la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "Définit le fichier qui contient la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6343,12 +6570,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6358,12 +6585,12 @@ msgstr "" "canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6375,19 +6602,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Cette fonctionnalité ne prend actuellement en charge que la correspondance " "par objectSID avec Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6407,17 +6634,17 @@ msgstr "" "identifiants." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "Par défaut : non indiqué (les deux options sont à 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -6426,12 +6653,12 @@ msgstr "" "pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -6445,17 +6672,17 @@ msgstr "" "exemple host/myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "Par défaut : host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6466,17 +6693,17 @@ msgstr "" "domaine, cette option est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "Par défaut : la valeur de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6485,34 +6712,34 @@ msgstr "" "le nom de l'hôte au cours d'une liaison SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "Défaut : false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Définit le fichier keytab à utiliser pour utiliser SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6523,27 +6750,27 @@ msgstr "" "SASL est utilisé et que le mécanisme choisi est GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Définit la durée de vie, en secondes, des TGT si GSSAPI est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "Par défaut : 86400 (24 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6563,7 +6790,7 @@ msgstr "" "<quote>DÉCOUVERTE DE SERVICES</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6574,7 +6801,7 @@ msgstr "" "comme protocole, et passe sur _tcp si aucune entrée n'est trouvée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6586,29 +6813,29 @@ msgstr "" "l'utilisation de <quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Définit le DOMAINE de Kerberos (pour l'authentification SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Par défaut : valeur par défaut du système, voir <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6618,12 +6845,12 @@ msgstr "" "Kerberos > = 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6638,7 +6865,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6650,12 +6877,12 @@ msgstr "" "localisation." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6664,7 +6891,7 @@ msgstr "" "valeurs suivantes sont acceptées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6673,7 +6900,7 @@ msgstr "" "peut pas désactiver la politique sur les mots de passe du côté serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6684,7 +6911,7 @@ msgstr "" "manvolnum></citerefentry> pour évaluer si le mot de passe a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6696,7 +6923,7 @@ msgstr "" "est changé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -6705,17 +6932,17 @@ msgstr "" "côté serveur, elle prend le pas sur la politique indiquée avec cette option." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Définit si le déréférencement automatique doit être activé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6724,7 +6951,7 @@ msgstr "" "compilé avec OpenLDAP version 2.4.13 ou supérieur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6738,29 +6965,29 @@ msgstr "" "permettre d'améliorer de façon notable les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser quand la découverte de services est " "activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "Par défaut : ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6769,19 +6996,19 @@ msgstr "" "un changement de mot de passe quand la découverte de services est activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Par défaut : non défini, c'est-à-dire que le service de découverte est " "désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -6791,12 +7018,12 @@ msgstr "" "de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6812,12 +7039,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "Exemple :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6829,7 +7056,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -6838,7 +7065,7 @@ msgstr "" "dont l'attribut employeeType est « admin »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6847,17 +7074,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "Par défaut : vide" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6866,7 +7093,7 @@ msgstr "" "être activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6878,12 +7105,12 @@ msgstr "" "correct." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "Les valeurs suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6892,7 +7119,7 @@ msgstr "" "pour déterminer si le compte a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6905,7 +7132,7 @@ msgstr "" "d'expiration du compte est aussi vérifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6916,7 +7143,7 @@ msgstr "" "l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6929,7 +7156,7 @@ msgstr "" "est autorisé. Si les deux attributs sont manquants, l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6940,24 +7167,24 @@ msgstr "" "ldap_account_expire_policy de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "ldap_access_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Liste séparées par des virgules des options de contrôles d'accès. Les " "valeurs autorisées sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis> : utiliser ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6967,14 +7194,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6987,12 +7214,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7002,7 +7229,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7012,20 +7239,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7034,13 +7261,13 @@ msgstr "" "authorizedService pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 #, fuzzy #| msgid "" #| "<emphasis>host</emphasis>: use the host attribute to determine access" @@ -7051,19 +7278,19 @@ msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7072,12 +7299,12 @@ msgstr "" "de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7086,22 +7313,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple : cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "ldap_deref (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7110,12 +7337,12 @@ msgstr "" "recherche. Les options suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7125,7 +7352,7 @@ msgstr "" "recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7134,7 +7361,7 @@ msgstr "" "la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7143,7 +7370,7 @@ msgstr "" "recherche et et la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7152,12 +7379,12 @@ msgstr "" "bibliothèques clientes LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7166,7 +7393,7 @@ msgstr "" "LDAP pour les serveurs qui utilisent le schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7184,7 +7411,7 @@ msgstr "" "initgoups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7195,26 +7422,26 @@ msgstr "" "ajoutent les utilisateurs locaux aux groupes LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "wildcard_limit (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7234,12 +7461,12 @@ msgstr "" "détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "OPTIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7247,52 +7474,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "La classe d'objet d'une entrée de règle de sudo dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "Par défaut : sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "L'attribut LDAP qui correspond au nom de la règle de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "L'attribut LDAP qui correspond au nom de la commande." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "Par défaut : sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -7301,17 +7528,17 @@ msgstr "" "réseau IP de l'hôte ou netgroup de l'hôte)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "Par défaut : sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -7320,32 +7547,32 @@ msgstr "" "groupe ou netgroup de l'utilisateur)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "Par défaut : sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "L'attribut LDAP qui correspond aux options sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "Par défaut : sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -7354,17 +7581,17 @@ msgstr "" "nom d'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "Par défaut : sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7373,17 +7600,17 @@ msgstr "" "les commandes seront être exécutées." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "Par défaut : sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -7392,17 +7619,17 @@ msgstr "" "règle sudo est valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "Par défaut : sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -7411,32 +7638,32 @@ msgstr "" "règle sudo ne sera plus valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "Par défaut : sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "L'attribut LDAP qui correspond à l'index de tri de la règle." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "Par défaut : sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7446,7 +7673,7 @@ msgstr "" "règles qui sont stockées sur le serveur)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7455,17 +7682,17 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "Par défaut : 21600 (6 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -7477,7 +7704,7 @@ msgstr "" "cache)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7486,12 +7713,12 @@ msgstr "" "modifyTimestamp est utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7501,12 +7728,12 @@ msgstr "" "noms de systèmes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7515,7 +7742,7 @@ msgstr "" "doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7524,8 +7751,8 @@ msgstr "" "nom de système et le nom de domaine pleinement qualifié." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7534,17 +7761,17 @@ msgstr "" "emphasis>, alors cette option n'a aucun effet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "Par défaut : non spécifié" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7553,7 +7780,7 @@ msgstr "" "IPv6 qui doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7562,12 +7789,12 @@ msgstr "" "automatiquement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7576,12 +7803,12 @@ msgstr "" "netgroup dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7590,7 +7817,7 @@ msgstr "" "un joker dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7603,88 +7830,88 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "OPTIONS AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "Le nom de la table de montage automatique maîtresse dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "Par défaut : auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" "La classe d'objet d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "Le nom d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -7693,24 +7920,24 @@ msgstr "" "généralement à un point de montage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7723,32 +7950,32 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "OPTIONS AVANCÉES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7757,22 +7984,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7781,14 +8008,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7799,7 +8026,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7819,27 +8046,27 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7865,13 +8092,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8366,7 +8593,7 @@ msgstr "" "pas pris en compte." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -9229,7 +9456,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -9331,6 +9558,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." @@ -9341,12 +9576,12 @@ msgstr "" "automatiquement si le fournisseur d'ID de IPA est configuré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "ipa_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." @@ -9355,12 +9590,12 @@ msgstr "" "domaine de la configuration est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "ipa_server, ipa_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -9376,12 +9611,12 @@ msgstr "" "services, se reporter à la section de <quote>DÉCOUVERTE DE SERVICE</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "ipa_hostname (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 #, fuzzy #| msgid "" #| "Optional. May be set on machines where the hostname(5) does not reflect " @@ -9396,12 +9631,12 @@ msgstr "" "identifier l'hôte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -9411,7 +9646,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9421,7 +9656,7 @@ msgstr "" "être défini correctement dans /etc/krb5.conf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -9433,12 +9668,12 @@ msgstr "" "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9449,7 +9684,7 @@ msgstr "" "TTL côté serveur s'il est défini par un administrateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -9460,17 +9695,17 @@ msgstr "" "utiliser <emphasis>dyndns_ttl</emphasis> dans leur fichier de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "Par défaut : 1200 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "dyndns_iface (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9479,7 +9714,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -9491,24 +9726,24 @@ msgstr "" "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9516,22 +9751,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "Active les sites DNS - découverte de service basée sur l'emplacement" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -9551,12 +9786,12 @@ msgstr "" "seront utilisés comme serveurs de repli" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9568,12 +9803,12 @@ msgstr "" "configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9583,7 +9818,7 @@ msgstr "" "l'option dyndns_update est configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." @@ -9593,17 +9828,17 @@ msgstr "" "quand les enregistrements directs sont modifiés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "Par défaut : False (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -9612,50 +9847,50 @@ msgstr "" "communication avec le serveur DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Par défaut : False (laisser nsupdate choisir le protocole)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 #, fuzzy #| msgid "ipa_views_search_base (string)" msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_views_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 #, fuzzy #| msgid "" #| "Optional. Use the given string as search base for HBAC related objects." @@ -9667,112 +9902,95 @@ msgstr "" "HBAC associés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "Par défaut : utilise le DN de base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "Facultatif. Utilise la chaîne donnée comme base de recherche pour les objets " "HBAC associés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" -"Facultatif. Utiliser la chaîne donnée comme base de recherche pour héberger " -"des objets." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" -"Cf. <quote>ldap_search_base</quote> pour plus d'informations sur la " -"configuration des bases de recherche multiples." - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour les " "mappages utilisateur SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour les " "domaines approuvés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Par défaut : la valeur de <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche objet de " "domaine maître." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "Par défaut : la valeur de <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "ipa_views_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -9781,7 +9999,7 @@ msgstr "" "valeur de <quote>ipa_domain</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -9790,39 +10008,39 @@ msgstr "" "convertit en DN de base pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 #, fuzzy #| msgid "ipa_hbac_refresh (integer)" msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_hbac_refresh (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " @@ -9838,19 +10056,19 @@ msgstr "" "beaucoup de requêtes de contrôle d'accès sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "Par défaut : 5 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 #, fuzzy #| msgid "ldap_sudo_full_refresh_interval (integer)" msgid "ipa_deskprofile_request_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " @@ -9865,19 +10083,19 @@ msgstr "" "beaucoup de requêtes de contrôle d'accès sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: 900 (15 minutes)" msgid "Default: 60 (minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -9888,12 +10106,12 @@ msgstr "" "beaucoup de requêtes de contrôle d'accès sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -9904,192 +10122,214 @@ msgstr "" "requêtes de connexions utilisateurs sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "L'emplacement à automonter qu'utilisera ce client IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "Par défaut : Le lieu nommé « default »" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "ipa_view_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "ipa_view_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "ipa_anchor_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "ipa_user_override_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "ipa_group_override_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10099,12 +10339,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "FOURNISSEURS DE SOUS-DOMAINES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." @@ -10113,7 +10353,7 @@ msgstr "" "configuré explicitement ou implicitement." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10125,7 +10365,7 @@ msgstr "" "serveur IPA si nécessaire." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10145,7 +10385,7 @@ msgstr "" "fournisseur de sous-domaines est à nouveau activé." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10156,7 +10396,7 @@ msgstr "" "exemples montrent seulement les options spécifiques au fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -10198,7 +10438,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -10249,8 +10489,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -10260,20 +10508,25 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -10281,12 +10534,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "ad_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." @@ -10295,7 +10548,7 @@ msgstr "" "n'est pas fourni, le nom de domaine de la configuration est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." @@ -10304,7 +10557,7 @@ msgstr "" "domaine Active Directory, spécifié en minuscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." @@ -10313,12 +10566,12 @@ msgstr "" "autodétecté par SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -10326,7 +10579,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -10334,7 +10587,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -10342,19 +10595,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "ad_server, ad_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -10362,26 +10615,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "ad_hostname (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -10392,7 +10645,7 @@ msgstr "" "identifier ce système." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." @@ -10402,12 +10655,12 @@ msgstr "" "publié un fichier keytab." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -10425,12 +10678,12 @@ msgstr "" "utilisée pendant la découverte de site." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "ad_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -10439,7 +10692,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -10448,7 +10701,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -10457,14 +10710,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -10477,7 +10730,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -10486,7 +10739,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -10504,24 +10757,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "ad_site (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "ad_enable_gc (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -10530,7 +10783,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -10539,12 +10792,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "ad_gpo_access_control (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -10554,14 +10807,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -10574,23 +10835,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "Il existe trois valeurs prises en charge pour cette option :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -10598,22 +10859,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "Par défaut : permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10621,12 +10882,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10634,14 +10895,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10649,7 +10910,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10661,78 +10922,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10740,7 +11001,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10748,7 +11009,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10756,7 +11017,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10768,22 +11029,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10791,7 +11052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10799,7 +11060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10807,7 +11068,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10819,22 +11080,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10842,14 +11103,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10857,7 +11118,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10869,17 +11130,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10887,14 +11148,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10902,7 +11163,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10913,19 +11174,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10933,7 +11194,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10945,39 +11206,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10985,12 +11246,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11003,57 +11264,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11061,17 +11322,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11081,12 +11342,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11104,19 +11365,19 @@ msgstr "" "<quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "Par défaut : 3600 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11126,12 +11387,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Par défaut : True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11142,7 +11403,7 @@ msgstr "" "exemples montrent seulement les options spécifiques au fournisseur AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11166,7 +11427,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11178,7 +11439,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11189,7 +11450,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11199,7 +11460,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -11599,33 +11860,90 @@ msgstr "" "<filename>/var/log/sssd</filename> et des fichiers différents sont créés " "pour chaque service et domaine SSSD." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:101 +#, fuzzy +#| msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" +"<emphasis>1</emphasis> : Ajouter un horodatage aux messages de débogage" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +#, fuzzy +#| msgid "" +#| "Send the debug output to files instead of stderr. By default, the log " +#| "files are stored in <filename>/var/log/sssd</filename> and there are " +#| "separate log files for every SSSD service and domain." +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" +"Envoie la sortie de débogage vers des fichiers plutôt que vers la sortie " +"d'erreur standard. Par défaut, les fichiers de sortie sont stockés dans " +"<filename>/var/log/sssd</filename> et des fichiers différents sont créés " +"pour chaque service et domaine SSSD." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" +"<emphasis>1</emphasis> : Ajouter un horodatage aux messages de débogage" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "Devenir un démon après le démarrage." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "Tourner en avant-plan et ne pas devenir un démon." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -11639,27 +11957,27 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "Afficher le numéro de version et quitter." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "Signaux" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "SIGTERM/SIGINT" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." @@ -11668,12 +11986,12 @@ msgstr "" "le moniteur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "SIGHUP" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -11684,12 +12002,12 @@ msgstr "" "de sortie avec des programmes tels que logrotate." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -11698,12 +12016,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -11711,7 +12029,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -14419,7 +14737,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" @@ -17183,6 +17501,13 @@ msgstr "" msgid "ldap_group_external_member = ipaExternalMember" msgstr "" +#~ msgid "" +#~ "Determines if a domain can be enumerated. This parameter can have one of " +#~ "the following values:" +#~ msgstr "" +#~ "Détermine si un domaine peut être énuméré. Ce paramètre peut avoir une " +#~ "des valeurs suivantes :" + #~ msgid "" #~ "<command>sss_debuglevel</command> changes debug level of SSSD monitor and " #~ "providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " diff --git a/src/man/po/ja.po b/src/man/po/ja.po index 6987d7c9e19..caca56625f9 100644 --- a/src/man/po/ja.po +++ b/src/man/po/ja.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2014-12-14 11:59-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Japanese (http://www.transifex.com/projects/p/sssd/language/" @@ -320,9 +320,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "初期値: true" @@ -341,16 +341,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "初期値: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -375,8 +375,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "初期値: 10" @@ -391,7 +391,7 @@ msgid "The [sssd] section" msgstr "[sssd] セクション" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "セクションのパラメーター" @@ -419,7 +419,7 @@ msgstr "services" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -475,7 +475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "re_expression (文字列)" @@ -495,12 +495,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "full_name_format (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -511,39 +511,39 @@ msgstr "" "manvolnum> </citerefentry> 互換形式。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "ユーザー名" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "SSSD 設定ファイルにおいて指定されるドメイン名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -686,12 +686,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "初期値: 設定されません" @@ -878,8 +879,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -963,7 +964,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "初期値: 60" @@ -1018,12 +1019,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "初期値: 300" @@ -1117,7 +1118,7 @@ msgstr "" "(0 はこの機能を無効にします)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "初期値: 50" @@ -1138,7 +1139,7 @@ msgstr "" "せ)をキャッシュする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "初期値: 15" @@ -1155,7 +1156,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "初期値: 0" @@ -1233,7 +1234,7 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "例: <placeholder type=\"programlisting\" id=\"0\"/>" @@ -1379,12 +1380,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1399,23 +1400,30 @@ msgstr "memcache_timeout (整数)" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1426,48 +1434,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "このオプションはドメインごとに設定できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "PAM 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1476,12 +1484,12 @@ msgstr "" "ために使用できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1490,17 +1498,17 @@ msgstr "" "ラインログインの最終成功からの日数)です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1508,12 +1516,12 @@ msgstr "" "認証プロバイダーがオフラインの場合、ログイン試行の失敗が許容される回数です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1522,7 +1530,7 @@ msgstr "" "渡される分単位の時間です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1533,17 +1541,17 @@ msgstr "" "効にできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "初期値: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1552,42 +1560,42 @@ msgstr "" "きいほどメッセージが表示されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "現在 sssd は以下の値をサポートします:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: 何もメッセージを表示しない" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: 重要なメッセージのみを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: 情報レベルのメッセージを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "<emphasis>3</emphasis>: すべてのメッセージとデバッグ情報を表示する" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "初期値: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1596,61 +1604,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1660,7 +1668,7 @@ msgstr "" "されるよう、SSSD は直ちにキャッシュされた識別情報を更新しようとします。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1673,17 +1681,17 @@ msgstr "" "アプリケーションごとに)制御します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "パスワードの期限が切れる前に N 日間警告を表示します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1693,26 +1701,26 @@ msgstr "" "ことに注意してください。この情報がなければ、sssd は警告を表示します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1722,74 +1730,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "初期値: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1797,19 +1805,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1817,12 +1825,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1830,58 +1838,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "初期値: 偽" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "SUDO 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1892,12 +1900,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "sudo_timed (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1906,14 +1914,14 @@ msgstr "" "を評価するかしないかです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "sudo_threshold (integer)" msgstr "ldap_deref_threshold (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1923,22 +1931,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "Autofs 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "これらのオプションが autofs サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1949,68 +1957,68 @@ msgstr "" "ヒットする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "SSH 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "これらのオプションは SSH サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "初期値: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2021,7 +2029,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2032,24 +2040,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2057,12 +2065,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2071,26 +2079,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 #, fuzzy #| msgid "General service configuration options" msgid "Session recording configuration options" msgstr "サービス設定の全体オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 #, fuzzy #| msgid "" #| "This manual page describes the configuration of the IPA provider for " @@ -2113,36 +2121,36 @@ msgstr "" "ジの <quote>ファイル形式</quote> を参照してください。" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 #, fuzzy #| msgid "These options can be used to configure any service." msgid "These options can be used to configure session recording." msgstr "これらのオプションはすべてのサービスを設定するために使用できます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 #, fuzzy #| msgid "sudo_provider (string)" msgid "scope (string)" msgstr "sudo_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 #, fuzzy #| msgid "" #| "Append this user to groups specified by the <replaceable>GROUPS</" @@ -2157,17 +2165,17 @@ msgstr "" "プ名のカンマ区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder type=\"variablelist" @@ -2180,21 +2188,21 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: none" msgid "Default: \"none\"" msgstr "初期値: none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 #, fuzzy #| msgid "skel_dir (string)" msgid "users (string)" msgstr "skel_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2202,21 +2210,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. Matches no users." msgstr "初期値: 空、つまり ldap_uri が使用されます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 #, fuzzy #| msgid "ldap_group_name (string)" msgid "groups (string)" msgstr "ldap_group_name (文字列)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2224,7 +2232,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2232,22 +2240,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "ドメインセクション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2256,14 +2264,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2272,31 +2280,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2305,7 +2313,7 @@ msgstr "" "トリーを含む場合、それは無視されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2317,48 +2325,55 @@ msgstr "" "バーに対して、範囲内にあるものは予期されたものとして報告されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "初期値: min_id は 1, max_id は 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "enumerate (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" -"ドメインが列挙できるかを決定します。このパラメーターは以下の値のどれかである" -"必要があります:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = ユーザーとグループが列挙されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = このドメインに対して列挙しません" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "初期値: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2366,11 +2381,13 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2379,7 +2396,7 @@ msgstr "" "れが完了するまで結果を返しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2392,39 +2409,39 @@ msgstr "" "てください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2433,12 +2450,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2447,7 +2464,7 @@ msgstr "" "数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2458,17 +2475,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "初期値: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2477,19 +2494,19 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "初期値: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2498,12 +2515,12 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2512,12 +2529,12 @@ msgstr "" "有効であると考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2526,94 +2543,94 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "初期値: 0 (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "cache_credentials (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "ユーザーのクレディンシャルがローカル LDB キャッシュにキャッシュされるかどうか" "を決めます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "ユーザーのクレディンシャルが、平文ではなく SHA512 ハッシュで保存されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2621,24 +2638,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2650,17 +2667,17 @@ msgstr "" "offline_credentials_expiration と同等以上でなければいけません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2669,17 +2686,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "初期値: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "id_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -2687,17 +2704,17 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "<quote>proxy</quote>: レガシーな NSS プロバイダーのサポート" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: ローカルユーザー向け SSSD 内部プロバイダー" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2708,8 +2725,8 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2722,8 +2739,8 @@ msgstr "" "い。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2734,12 +2751,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -2748,7 +2765,7 @@ msgstr "" "名形式により整形されたように) を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2761,7 +2778,7 @@ msgstr "" "んが、<command>getent passwd test@LOCAL</command> は見つけられます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2769,22 +2786,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2796,7 +2813,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2804,12 +2821,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "auth_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -2818,7 +2835,7 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2829,7 +2846,7 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2840,19 +2857,19 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> は明示的に認証を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -2861,12 +2878,12 @@ msgstr "" "ならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "access_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2877,7 +2894,7 @@ msgstr "" "えます)。内部の特別プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -2886,12 +2903,12 @@ msgstr "" "ロバイダーのみアクセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> は常にアクセスを拒否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2904,7 +2921,7 @@ msgstr "" "citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2912,22 +2929,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "初期値: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "chpass_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -2936,7 +2953,7 @@ msgstr "" "パスワード変更プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2944,7 +2961,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2955,7 +2972,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -2963,12 +2980,12 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -2977,19 +2994,19 @@ msgstr "" "うことができるならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "sudo_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー" "は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3000,33 +3017,33 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> は SUDO を明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "初期値: <quote>id_provider</quote> の値が設定されていると使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3036,13 +3053,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "selinux_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3050,7 +3076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3058,31 +3084,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "subdomains_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3090,7 +3116,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3099,19 +3125,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> はサブドメインの取り出しを明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 #, fuzzy #| msgid "selinux_provider (string)" msgid "session_provider (string)" msgstr "selinux_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3119,18 +3145,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 #, fuzzy #| msgid "" #| "Default: <quote>id_provider</quote> is used if it is set and can handle " @@ -3142,13 +3168,20 @@ msgstr "" "初期値: <quote>id_provider</quote> が設定され、認証要求を取り扱うことができる" "ならば、それが使用されます。" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "autofs_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3156,7 +3189,7 @@ msgstr "" "プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3167,7 +3200,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3178,7 +3211,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3186,17 +3219,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> は明示的に autofs を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "hostid_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3205,7 +3238,7 @@ msgstr "" "hostid プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3216,12 +3249,12 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> は明示的に hostid を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3231,7 +3264,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3240,29 +3273,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3273,7 +3306,7 @@ msgstr "" "everything after that\" に解釈されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3281,7 +3314,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -3290,17 +3323,17 @@ msgstr "" "Python 構文 (?P<name>) のみをサポートします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "初期値: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "lookup_family_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3309,46 +3342,46 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "サポートする値:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "初期値: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 #, fuzzy #| msgid "" #| "Defines the amount of time (in seconds) to wait for a reply from the DNS " @@ -3365,25 +3398,25 @@ msgstr "" "ドにて操作を継続します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "初期値: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3392,52 +3425,52 @@ msgstr "" "イン部分を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "初期値: マシンのホスト名のドメイン部分を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "override_gid (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "プライマリー GID の値を指定されたもので上書きします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3445,7 +3478,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3453,17 +3486,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3471,34 +3504,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3506,32 +3539,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "サブドメインのフラット (NetBIOS) 名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3541,35 +3574,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "値は <emphasis>override_homedir</emphasis> オプションにより上書きできます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "初期値: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "realmd_tags (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3577,20 +3610,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +#, fuzzy +#| msgid "autofs_provider (string)" +msgid "auto_private_groups (string)" +msgstr "autofs_provider (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3601,17 +3672,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "中継するプロキシターゲット PAM です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3620,12 +3691,12 @@ msgstr "" "をここに追加する必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3636,12 +3707,12 @@ msgstr "" "_nss_files_getpwent です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3650,12 +3721,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3663,7 +3734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -3672,12 +3743,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3694,7 +3765,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3702,17 +3773,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3721,7 +3792,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3731,7 +3802,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3751,12 +3822,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "ローカルドメインのセクション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3767,27 +3838,27 @@ msgstr "" "メインに対する設定を含みます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "default_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "SSSD ユーザー空間ツールを用いて作成されたユーザーの初期シェルです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "初期値: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "base_directory (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -3796,17 +3867,17 @@ msgstr "" "ホームディレクトリーとして使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "初期値: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "create_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -3815,17 +3886,17 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "初期値: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "remove_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -3834,12 +3905,12 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "homedir_umask (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3850,17 +3921,17 @@ msgstr "" "manvolnum> </citerefentry> により使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "初期値: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "skel_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3873,17 +3944,17 @@ msgstr "" "を含む、スケルトンディレクトリーです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "初期値: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "mail_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3894,17 +3965,17 @@ msgstr "" "が使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "初期値: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "userdel_cmd (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3915,17 +3986,17 @@ msgstr "" "せん。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "初期値: なし、コマンドを実行しません" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3936,64 +4007,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -4047,7 +4118,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 #, fuzzy #| msgid "" #| "The following example shows a typical SSSD config. It does not describe " @@ -4065,7 +4136,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4073,7 +4144,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4133,7 +4204,7 @@ msgstr "" "オプションを参照してください。" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -4241,7 +4312,7 @@ msgstr "" "な LDAP 検索フィルターである必要があります。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "例:" @@ -4448,7 +4519,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "ユーザーのプライマリーグループ ID に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "初期値: gidNumber" @@ -4526,7 +4597,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4547,7 +4618,7 @@ msgstr "" "ActiveDirectory サーバーに対してのみ必要です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4557,14 +4628,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "親オブジェクトの最終変更のタイムスタンプを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "初期値: modifyTimestamp" @@ -4936,7 +5007,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "ユーザーの SSH 公開鍵を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -5006,8 +5077,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "ユーザーの完全名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "初期値: cn" @@ -5022,7 +5093,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "ユーザーのグループメンバーを一覧にする LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "初期値: memberOf" @@ -5182,81 +5253,91 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "LDAP にあるグループエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "初期値: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "ldap_group_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "グループ名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "グループの ID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "ldap_group_member (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "グループのメンバーの名前を含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "初期値: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -5265,24 +5346,24 @@ msgstr "" "ActiveDirectory サーバーに対してのみ必要です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5290,34 +5371,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5328,7 +5409,7 @@ msgstr "" "のオプションは RFC2307 スキーマにおいて効果がありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5338,7 +5419,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5348,17 +5429,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "初期値: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5366,14 +5447,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5381,7 +5462,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5390,12 +5471,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5403,81 +5484,81 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "LDAP にあるネットワークグループエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "IPA プロバイダーにおいては ipa_netgroup_object_class が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "初期値: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "ネットワークグループ名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "IPA プロバイダーにおいては ipa_netgroup_name が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "ネットワークグループのメンバーの名前を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "IPA プロバイダーにおいては ipa_netgroup_member が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "初期値: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -5485,90 +5566,226 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "このオプションは IPA プロバイダーにおいて利用可能ではありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "初期値: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" -msgstr "ldap_service_object_class (文字列)" +#: sssd-ldap.5.xml:1216 +#, fuzzy +#| msgid "ldap_user_object_class (string)" +msgid "ldap_host_object_class (string)" +msgstr "ldap_user_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." -msgstr "LDAP にあるサービスエントリーのオブジェクトクラスです。" +#: sssd-ldap.5.xml:1219 +#, fuzzy +#| msgid "The object class of a user entry in LDAP." +msgid "The object class of a host entry in LDAP." +msgstr "LDAP にあるユーザーエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "初期値: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +#, fuzzy +#| msgid "ad_hostname (string)" +msgid "ldap_host_name (string)" +msgstr "ad_hostname (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the group name." +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "グループ名に対応する LDAP 属性です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +#, fuzzy +#| msgid "ldap_sudo_hostnames (string)" +msgid "ldap_host_fqdn (string)" +msgstr "ldap_sudo_hostnames (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the user's full name." +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "ユーザーの完全名に対応する LDAP 属性です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: fqdn" +msgstr "初期値: cn" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +#, fuzzy +#| msgid "ldap_dns_service_name (string)" +msgid "ldap_host_serverhostname (string)" +msgstr "ldap_dns_service_name (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: sudoHost" +msgid "Default: serverHostname" +msgstr "初期値: sudoHost" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +#, fuzzy +#| msgid "ldap_user_member_of (string)" +msgid "ldap_host_member_of (string)" +msgstr "ldap_user_member_of (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +#, fuzzy +#| msgid "The LDAP attribute that lists the user's group memberships." +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "ユーザーのグループメンバーを一覧にする LDAP 属性です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +#, fuzzy +#| msgid "ipa_host_search_base (string)" +msgid "ldap_host_search_base (string)" +msgstr "ipa_host_search_base (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" +"オプションです。ホストオブジェクトの検索ベースとして与えられた文字列を使用し" +"ます。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" +"複数の検索ベースを設定することの詳細は <quote>ldap_search_base</quote> を参照" +"してください。" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "初期値: <emphasis>ldap_search_base</emphasis> の値" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +#, fuzzy +#| msgid "ldap_user_ssh_public_key (string)" +msgid "ldap_host_ssh_public_key (string)" +msgstr "ldap_user_ssh_public_key (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +#, fuzzy +#| msgid "The LDAP attribute that contains the user's SSH public keys." +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "ユーザーの SSH 公開鍵を含む LDAP 属性です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +#, fuzzy +#| msgid "ldap_sasl_authid (string)" +msgid "ldap_host_uuid (string)" +msgstr "ldap_sasl_authid (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +#, fuzzy +#| msgid "The LDAP attribute that contains the port managed by this service." +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "このサービスにより管理されるポートを含む LDAP 属性です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "ldap_service_object_class (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "LDAP にあるサービスエントリーのオブジェクトクラスです。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "ldap_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "サービス属性の名前とそのエイリアスを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "ldap_service_port (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "このサービスにより管理されるポートを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "初期値: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "このサービスにより認識されるプロトコルを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "初期値: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5576,7 +5793,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5587,12 +5804,12 @@ msgstr "" "かもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5600,12 +5817,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5621,12 +5838,12 @@ msgstr "" "citerefentry> が未使用を返した後のタイムアウト(秒単位)を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5635,12 +5852,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5649,17 +5866,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "初期値: 900 (15 分)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -5668,17 +5885,17 @@ msgstr "" "バーは 1 要求あたりの最大数の制限を強制します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "初期値: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5689,7 +5906,7 @@ msgstr "" "ことを報告する場合に、このオプションが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -5699,7 +5916,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5710,17 +5927,17 @@ msgstr "" "があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "Active Directory の範囲の取得を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5730,12 +5947,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5743,17 +5960,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5761,13 +5978,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5776,7 +5993,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5784,12 +6001,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -5798,7 +6015,7 @@ msgstr "" "クするものを指定します。以下の値のうち 1 つを指定できます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5807,7 +6024,7 @@ msgstr "" "確認しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5818,7 +6035,7 @@ msgstr "" "無視され、セッションが通常通り進められます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5829,7 +6046,7 @@ msgstr "" "ンが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5839,22 +6056,22 @@ msgstr "" "なければ、もしくは不正な証明書が提供されれば、セッションが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = <quote>demand</quote> と同じです" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "初期値: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -5864,7 +6081,7 @@ msgstr "" "書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -5873,12 +6090,12 @@ msgstr "" "filename> にあります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5891,32 +6108,32 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "クライアントのキーに対する証明書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "クライアントのキーを含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5924,12 +6141,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -5938,12 +6155,12 @@ msgstr "" "用する必要がある id_provider 接続を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5951,18 +6168,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "この機能は現在 ActiveDirectory objectSID マッピングのみサポートします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5973,17 +6190,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -5992,12 +6209,12 @@ msgstr "" "れます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -6006,17 +6223,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "初期値: host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6024,17 +6241,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "初期値: krb5_realm の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6043,33 +6260,33 @@ msgstr "" "するために逆引きを実行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "初期値: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "SASL/GSSAPI を使用するときに使用するキーテーブルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6080,27 +6297,27 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "GSSAPI が使用されている場合、TGT の有効期間を秒単位で指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "初期値: 86400 (24 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6112,7 +6329,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6123,7 +6340,7 @@ msgstr "" "ば _tcp にフォールバックします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6134,27 +6351,27 @@ msgstr "" "quote> を使用するよう設定ファイルを移行することが推奨されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "(SASL/GSSAPI 認証向け) Kerberos レルムを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6163,12 +6380,12 @@ msgstr "" "します。この機能は MIT Kerberos >= 1.7 で利用可能です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6178,7 +6395,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6189,12 +6406,12 @@ msgstr "" "manvolnum> </citerefentry> マニュアルページを参照ください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6203,7 +6420,7 @@ msgstr "" "す。以下の値が許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6212,7 +6429,7 @@ msgstr "" "ンはサーバー側のパスワードポリシーを無効にできません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6223,7 +6440,7 @@ msgstr "" "manvolnum></citerefentry> 形式の属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6234,24 +6451,24 @@ msgstr "" "とき、これらの属性を更新するために chpass_provider=krb5 を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "自動参照追跡が有効化されるかを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6260,7 +6477,7 @@ msgstr "" "sssd のみが参照追跡をサポートすることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6269,28 +6486,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "サービス検索が有効にされているときに使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "初期値: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6299,29 +6516,29 @@ msgstr "" "を検索するために使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "初期値: 設定されていません、つまりサービス検索が無効にされています" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6337,12 +6554,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "例:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6351,14 +6568,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6367,17 +6584,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "初期値: 空白" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6386,7 +6603,7 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6397,12 +6614,12 @@ msgstr "" "否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "以下の値が許可されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6411,7 +6628,7 @@ msgstr "" "ldap_user_shadow_expire の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6420,7 +6637,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6431,7 +6648,7 @@ msgstr "" "ldap_ns_account_lock の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6444,7 +6661,7 @@ msgstr "" "クセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6452,23 +6669,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "ldap_access_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6478,14 +6695,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6498,12 +6715,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6513,7 +6730,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6523,20 +6740,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -6545,13 +6762,13 @@ msgstr "" "authorizedService 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 #, fuzzy #| msgid "" #| "<emphasis>host</emphasis>: use the host attribute to determine access" @@ -6562,31 +6779,31 @@ msgstr "" "<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "初期値: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "値が複数使用されていると設定エラーになることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6595,22 +6812,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "ldap_deref (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -6619,12 +6836,12 @@ msgstr "" "ションが許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -6633,7 +6850,7 @@ msgstr "" "決されますが、検索のベースオブジェクトの位置を探すときはされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -6642,7 +6859,7 @@ msgstr "" "すときのみ参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -6651,7 +6868,7 @@ msgstr "" "きも位置を検索するときも参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -6660,19 +6877,19 @@ msgstr "" "して取り扱われます)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6683,7 +6900,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6691,26 +6908,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "wildcard_limit (integer)" msgstr "ldap_opt_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6730,12 +6947,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "SUDO オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6743,52 +6960,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "LDAP にある sudo ルールエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "初期値: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "sudo ルール名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "コマンド名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "初期値: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -6797,17 +7014,17 @@ msgstr "" "クグループ)に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "初期値: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -6816,49 +7033,49 @@ msgstr "" "る LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "初期値: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "sudo オプションに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "初期値: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "コマンドを実行するユーザー名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "初期値: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -6866,34 +7083,34 @@ msgstr "" "コマンドを実行するグループ名またはグループの GID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "初期値: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "sudo ルールが有効になる開始日時に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "初期値: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -6902,39 +7119,39 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "初期値: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "ルールの並び替えインデックスに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "初期値: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -6943,17 +7160,17 @@ msgstr "" "ります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "初期値: 21600 (6 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6961,31 +7178,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -6994,15 +7211,15 @@ msgstr "" "区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7011,17 +7228,17 @@ msgstr "" "ならば、このオプションは効果を持ちません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "初期値: 指定なし" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7030,7 +7247,7 @@ msgstr "" "アドレスの空白区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7038,31 +7255,31 @@ msgstr "" "このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7074,87 +7291,87 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "AUTOFS オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "LDAP にある automount マップエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "LDAP における automount のマップエントリーの名前です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -7163,24 +7380,24 @@ msgstr "" "ントと対応します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7189,32 +7406,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "高度なオプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7223,22 +7440,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7247,14 +7464,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "例" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7265,7 +7482,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7278,27 +7495,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7314,13 +7531,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "注記" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7784,7 +8001,7 @@ msgstr "" "ンの中のグループのみに適用されます。ローカルグループは評価されません。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -8643,7 +8860,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8743,18 +8960,26 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "ipa_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." @@ -8763,12 +8988,12 @@ msgstr "" "ドメイン名が使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "ipa_server, ipa_backup_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8778,12 +9003,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "ipa_hostname (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 #, fuzzy #| msgid "" #| "Optional. May be set on machines where the hostname(5) does not reflect " @@ -8797,12 +9022,12 @@ msgstr "" "使用される完全修飾名を反映しないマシンにおいて設定されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "dyndns_update (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8812,7 +9037,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8822,7 +9047,7 @@ msgstr "" "要があります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8830,12 +9055,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8843,7 +9068,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8851,17 +9076,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "初期値: 1200 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "dyndns_iface (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8870,7 +9095,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8878,24 +9103,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8903,22 +9128,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "DNS サイトの有効化 - 位置情報に基づいたサービス探索。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8930,12 +9155,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8943,36 +9168,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "初期値: False (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -8981,50 +9206,50 @@ msgstr "" "どうか。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 #, fuzzy #| msgid "ipa_host_search_base (string)" msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_host_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 #, fuzzy #| msgid "" #| "Optional. Use the given string as search base for HBAC related objects." @@ -9036,110 +9261,93 @@ msgstr "" "して使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "初期値: ベース DN を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "オプションです。与えられた文字列を HBAC 関連オブジェクトに対する検索ベースと" "して使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" -"オプションです。ホストオブジェクトの検索ベースとして与えられた文字列を使用し" -"ます。" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" -"複数の検索ベースを設定することの詳細は <quote>ldap_search_base</quote> を参照" -"してください。" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "初期値: <emphasis>ldap_search_base</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "オプションです。与えられた文字列を SELinux ユーザーマップに対する検索ベースと" "して使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "オプションです。信頼されたドメインに対する検索ベースとして、与えられた文字列" "を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "初期値: <emphasis>cn=trusts,%basedn</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "初期値: <emphasis>cn=ad,cn=etc,%basedn</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -9148,7 +9356,7 @@ msgstr "" "quote> の値です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -9157,39 +9365,39 @@ msgstr "" "めに使用するベース DN に変換されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 #, fuzzy #| msgid "ipa_hbac_refresh (integer)" msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_hbac_refresh (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -9197,38 +9405,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "初期値: 5 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 #, fuzzy #| msgid "ldap_sudo_full_refresh_interval (integer)" msgid "ipa_deskprofile_request_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: 900 (15 minutes)" msgid "Default: 60 (minutes)" msgstr "初期値: 900 (15 分)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -9236,12 +9444,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -9249,192 +9457,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "この IPA クライアントが使用する automounter の場所です" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "初期値: \"default\" という名前の場所" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -9444,19 +9674,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -9467,7 +9697,7 @@ msgstr "" "メインのリクエストが必要に応じて IPA サーバーに送られます。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -9479,7 +9709,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9490,7 +9720,7 @@ msgstr "" "例は IPA プロバイダー固有のオプションのみを示しています。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -9526,7 +9756,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -9574,8 +9804,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -9585,20 +9823,25 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -9606,12 +9849,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "ad_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." @@ -9620,7 +9863,7 @@ msgstr "" "ければ、設定のドメイン名が使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." @@ -9629,19 +9872,19 @@ msgstr "" "ンの小文字バージョンとして指定されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -9649,7 +9892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -9657,7 +9900,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -9665,19 +9908,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "ad_server, ad_backup_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -9685,26 +9928,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "ad_hostname (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -9714,7 +9957,7 @@ msgstr "" "全修飾名を反映しないマシンにおいてマシンに設定されるかもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." @@ -9723,12 +9966,12 @@ msgstr "" "されます。キーテーブルが発行されたホスト名と一致する必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9739,12 +9982,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9753,7 +9996,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9762,7 +10005,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9771,14 +10014,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9791,7 +10034,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9800,7 +10043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9818,24 +10061,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9844,7 +10087,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9853,12 +10096,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9868,14 +10111,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9888,23 +10139,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9912,22 +10163,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9935,12 +10186,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9948,14 +10199,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9963,7 +10214,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9975,78 +10226,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10054,7 +10305,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10062,7 +10313,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10070,7 +10321,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10082,22 +10333,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10105,7 +10356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10113,7 +10364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10121,7 +10372,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10133,22 +10384,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10156,14 +10407,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10171,7 +10422,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10183,17 +10434,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10201,14 +10452,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10216,7 +10467,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10227,19 +10478,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10247,7 +10498,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10259,39 +10510,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10299,12 +10550,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10317,57 +10568,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10375,17 +10626,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10395,12 +10646,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10411,19 +10662,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "初期値: 3600 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10433,12 +10684,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "初期値: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10449,7 +10700,7 @@ msgstr "" "AD プロバイダー固有のオプションのみ示してします。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10473,7 +10724,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10485,7 +10736,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10493,7 +10744,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10503,7 +10754,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10839,33 +11090,87 @@ msgstr "" "イルは <filename>/var/log/sssd</filename> に保存され、すべての SSSD サービス" "とドメインに対して別々のログファイルがあります。" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:101 +#, fuzzy +#| msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "<emphasis>1</emphasis>: デバッグメッセージに日時を追加します" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +#, fuzzy +#| msgid "" +#| "Send the debug output to files instead of stderr. By default, the log " +#| "files are stored in <filename>/var/log/sssd</filename> and there are " +#| "separate log files for every SSSD service and domain." +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" +"デバッグ出力を標準エラーの代わりにファイルに送信します。初期状態で、ログファ" +"イルは <filename>/var/log/sssd</filename> に保存され、すべての SSSD サービス" +"とドメインに対して別々のログファイルがあります。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "<emphasis>1</emphasis>: デバッグメッセージに日時を追加します" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "起動後にデーモンになります。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "フォアグラウンドで実行して、デーモンになりません。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10878,27 +11183,27 @@ msgstr "" "citerefentry> マニュアルページを参照してください。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "バージョン番号を表示して終了します。" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "シグナル" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "SIGTERM/SIGINT" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." @@ -10907,12 +11212,12 @@ msgstr "" "ウンします。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "SIGHUP" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10923,12 +11228,12 @@ msgstr "" "てログローテーションを促進することを意味します。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10937,12 +11242,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10950,7 +11255,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -13554,7 +13859,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" @@ -16174,6 +16479,13 @@ msgstr "" msgid "ldap_group_external_member = ipaExternalMember" msgstr "" +#~ msgid "" +#~ "Determines if a domain can be enumerated. This parameter can have one of " +#~ "the following values:" +#~ msgstr "" +#~ "ドメインが列挙できるかを決定します。このパラメーターは以下の値のどれかであ" +#~ "る必要があります:" + #~ msgid "" #~ "<command>sss_debuglevel</command> changes debug level of SSSD monitor and " #~ "providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " diff --git a/src/man/po/lv.po b/src/man/po/lv.po index a8c07af219c..d51596fdf7c 100644 --- a/src/man/po/lv.po +++ b/src/man/po/lv.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2014-12-15 12:00-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Latvian (http://www.transifex.com/projects/p/sssd/language/" @@ -296,9 +296,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -317,16 +317,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -351,8 +351,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Noklusējuma: 10" @@ -367,7 +367,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "" @@ -393,7 +393,7 @@ msgstr "pakalpojumi" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -447,7 +447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "" @@ -467,12 +467,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -480,39 +480,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -636,12 +636,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -828,8 +829,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -905,7 +906,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "Noklusējuma: 60" @@ -960,12 +961,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "Noklusējuma: 300" @@ -1043,7 +1044,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "" @@ -1061,7 +1062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "Noklusējuma: 15" @@ -1078,7 +1079,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1148,7 +1149,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1282,12 +1283,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1302,23 +1303,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1329,96 +1337,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "Noklusējuma: 0 (bez ierobežojuma)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1426,59 +1434,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "Noklusējuma: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1487,61 +1495,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1549,7 +1557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1558,17 +1566,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1576,26 +1584,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1605,74 +1613,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1680,19 +1688,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1700,12 +1708,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1713,58 +1721,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1775,26 +1783,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 #, fuzzy #| msgid "timeout (integer)" msgid "sudo_threshold (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1804,22 +1812,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1827,68 +1835,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1899,7 +1907,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1910,24 +1918,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1935,12 +1943,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1949,24 +1957,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -1976,68 +1984,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: 1" msgid "Default: \"none\"" msgstr "Noklusējuma: 1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2045,17 +2053,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2063,7 +2071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2071,22 +2079,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2095,14 +2103,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2111,38 +2119,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2151,46 +2159,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2198,18 +2215,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2218,39 +2237,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2259,19 +2278,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2282,151 +2301,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2434,24 +2453,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2460,17 +2479,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "Noklusējuma: 0 (neierobežots)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2479,33 +2498,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2513,8 +2532,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2523,8 +2542,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2532,19 +2551,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2553,7 +2572,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2561,22 +2580,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2588,7 +2607,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2596,19 +2615,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2616,7 +2635,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2624,30 +2643,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2655,19 +2674,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2676,7 +2695,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2684,29 +2703,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "Noklusējuma: <quote>atļaut</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2714,7 +2733,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2722,35 +2741,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2758,32 +2777,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2793,13 +2812,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2807,7 +2835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2815,31 +2843,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2847,7 +2875,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2856,17 +2884,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2874,36 +2902,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2911,7 +2946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2919,7 +2954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2927,24 +2962,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2952,12 +2987,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2967,7 +3002,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2976,29 +3011,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3006,7 +3041,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3014,66 +3049,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Noklusējuma: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "Atbalstītās vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3082,77 +3117,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Noklusējuma: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3160,7 +3195,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3168,17 +3203,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3186,34 +3221,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3221,32 +3256,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3256,34 +3291,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3291,20 +3326,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +msgid "auto_private_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3312,29 +3383,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3342,12 +3413,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3356,12 +3427,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3369,19 +3440,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3398,7 +3469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3406,17 +3477,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3425,7 +3496,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3435,7 +3506,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3455,12 +3526,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3468,73 +3539,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "Noklusējuma: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3542,17 +3613,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "Noklusējuma: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3561,17 +3632,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "Noklusējuma: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3579,17 +3650,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "Noklusējuma: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3597,17 +3668,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3618,64 +3689,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3705,7 +3776,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3714,7 +3785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3722,7 +3793,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3770,7 +3841,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -3871,7 +3942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4072,7 +4143,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4150,7 +4221,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4169,7 +4240,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4179,14 +4250,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "" @@ -4518,7 +4589,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4581,8 +4652,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" @@ -4597,7 +4668,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4731,105 +4802,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "Noklusējuma: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4837,34 +4918,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4872,7 +4953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4882,7 +4963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4892,17 +4973,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4910,14 +4991,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4925,7 +5006,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4934,12 +5015,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4947,168 +5028,272 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" +#: sssd-ldap.5.xml:1216 +msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +msgid "ldap_host_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +msgid "ldap_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: 1" +msgid "Default: fqdn" +msgstr "Noklusējuma: 1" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_host_serverhostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: /tmp" +msgid "Default: serverHostname" +msgstr "Noklusējuma: / tmp" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +msgid "ldap_host_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +msgid "ldap_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +msgid "ldap_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +msgid "ldap_host_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5116,7 +5301,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5124,12 +5309,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5137,12 +5322,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5153,12 +5338,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5167,12 +5352,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5181,34 +5366,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5216,14 +5401,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5231,17 +5416,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5251,12 +5436,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5264,17 +5449,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5282,13 +5467,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5297,7 +5482,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5305,26 +5490,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5332,7 +5517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5340,7 +5525,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5348,41 +5533,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5391,32 +5576,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5424,24 +5609,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5449,17 +5634,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5470,29 +5655,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5501,17 +5686,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5519,49 +5704,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5569,27 +5754,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "Noklusējuma: 86400 (24 stundas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5601,7 +5786,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5609,7 +5794,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5617,39 +5802,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5659,7 +5844,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5667,26 +5852,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5694,7 +5879,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5702,31 +5887,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5735,56 +5920,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "Noklusējuma: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5800,12 +5985,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "Piemērs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5814,14 +5999,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5830,24 +6015,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5855,19 +6040,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "Atļautas šādas vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5876,7 +6061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5884,7 +6069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5893,7 +6078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5901,22 +6086,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5926,14 +6111,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5946,12 +6131,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5961,7 +6146,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5971,63 +6156,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "Noklusējuma: filtrēt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6036,74 +6221,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6114,7 +6299,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6122,26 +6307,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 #, fuzzy #| msgid "timeout (integer)" msgid "wildcard_limit (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6156,12 +6341,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6169,208 +6354,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6378,101 +6563,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6481,111 +6666,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6594,32 +6779,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "PAPLAŠINĀTĀS IESPĒJAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6628,22 +6813,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6652,14 +6837,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "PIEMĒRS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6667,7 +6852,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6680,27 +6865,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6716,13 +6901,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "PIEZĪMES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7128,7 +7313,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -7978,7 +8163,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8069,30 +8254,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8102,12 +8295,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8115,12 +8308,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8130,14 +8323,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8145,12 +8338,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8158,7 +8351,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8166,17 +8359,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8185,7 +8378,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8193,24 +8386,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8218,22 +8411,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8245,12 +8438,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8258,228 +8451,215 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8487,36 +8667,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: 0 (unlimited)" msgid "Default: 60 (minutes)" msgstr "Noklusējuma: 0 (neierobežots)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -8524,12 +8704,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8537,192 +8717,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8732,19 +8934,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8752,7 +8954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8764,7 +8966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8772,7 +8974,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8808,7 +9010,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8856,8 +9058,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8865,20 +9075,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -8886,38 +9101,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -8925,7 +9140,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -8933,7 +9148,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -8941,19 +9156,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -8961,26 +9176,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -8988,19 +9203,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9011,12 +9226,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9025,7 +9240,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9034,7 +9249,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9043,14 +9258,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9063,7 +9278,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9072,7 +9287,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9090,24 +9305,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9116,7 +9331,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9125,12 +9340,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9140,14 +9355,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9160,23 +9383,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9184,22 +9407,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9207,12 +9430,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9220,14 +9443,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9235,7 +9458,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9247,78 +9470,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9326,7 +9549,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9334,7 +9557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9342,7 +9565,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9354,22 +9577,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9377,7 +9600,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9385,7 +9608,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9393,7 +9616,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9405,22 +9628,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9428,14 +9651,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9443,7 +9666,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9455,17 +9678,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9473,14 +9696,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9488,7 +9711,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9499,19 +9722,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9519,7 +9742,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9531,39 +9754,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9571,12 +9794,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9589,57 +9812,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9647,17 +9870,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9667,12 +9890,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9683,19 +9906,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9705,12 +9928,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9718,7 +9941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9733,7 +9956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9742,7 +9965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9750,7 +9973,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9760,7 +9983,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10070,33 +10293,73 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:101 +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10105,39 +10368,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10145,12 +10408,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10159,12 +10422,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10172,7 +10435,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12530,7 +12793,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" diff --git a/src/man/po/nl.po b/src/man/po/nl.po index 5dfa4a940a2..1d36ca99589 100644 --- a/src/man/po/nl.po +++ b/src/man/po/nl.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2014-12-15 12:02-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/" @@ -319,9 +319,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Standaard: true" @@ -340,16 +340,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -374,8 +374,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -390,7 +390,7 @@ msgid "The [sssd] section" msgstr "De [sssd] sectie" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "Sectie parameters" @@ -418,7 +418,7 @@ msgstr "diensten" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -474,7 +474,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "re_expression (tekst)" @@ -494,12 +494,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "full_name_format (tekst)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -507,39 +507,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -677,12 +677,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -869,8 +870,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -946,7 +947,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "" @@ -1001,12 +1002,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "" @@ -1088,7 +1089,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "" @@ -1106,7 +1107,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "" @@ -1123,7 +1124,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "Standaard: 0" @@ -1193,7 +1194,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1327,12 +1328,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1347,23 +1348,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1374,96 +1382,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1471,59 +1479,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1532,61 +1540,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1594,7 +1602,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1603,17 +1611,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1621,26 +1629,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1650,74 +1658,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1725,19 +1733,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1745,12 +1753,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1758,58 +1766,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1820,26 +1828,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 #, fuzzy #| msgid "debug_level (integer)" msgid "sudo_threshold (integer)" msgstr "debug_level (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1849,22 +1857,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1872,68 +1880,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1944,7 +1952,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1955,24 +1963,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1980,12 +1988,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1994,26 +2002,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 #, fuzzy #| msgid "General service configuration options" msgid "Session recording configuration options" msgstr "Algemene service configuratie-opties" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2023,36 +2031,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 #, fuzzy #| msgid "These options can be used to configure any service." msgid "These options can be used to configure session recording." msgstr "Deze opties kunnen gebruikt worden om services te configureren." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 #, fuzzy #| msgid "re_expression (string)" msgid "scope (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 #, fuzzy #| msgid "" #| "Append this group to groups specified by the <replaceable>GROUPS</" @@ -2067,38 +2075,38 @@ msgstr "" "een kommagescheiden lijst van groepnamen." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: 3" msgid "Default: \"none\"" msgstr "Standaard: 3" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 #, fuzzy #| msgid "re_expression (string)" msgid "users (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2106,19 +2114,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 #, fuzzy #| msgid "re_expression (string)" msgid "groups (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2126,7 +2134,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2134,22 +2142,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2158,14 +2166,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2174,38 +2182,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2214,46 +2222,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2261,18 +2278,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2281,39 +2300,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2322,19 +2341,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2345,151 +2364,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2497,24 +2516,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2523,17 +2542,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2542,33 +2561,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2576,8 +2595,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2586,8 +2605,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2595,19 +2614,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2616,7 +2635,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2624,22 +2643,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2651,7 +2670,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2659,19 +2678,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2679,7 +2698,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2687,30 +2706,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2718,19 +2737,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2739,7 +2758,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2747,29 +2766,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2777,7 +2796,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2785,35 +2804,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2821,32 +2840,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2856,13 +2875,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2870,7 +2898,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2878,31 +2906,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2910,7 +2938,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2919,19 +2947,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 #, fuzzy #| msgid "re_expression (string)" msgid "session_provider (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2939,36 +2967,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2976,7 +3011,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2984,7 +3019,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2992,24 +3027,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3017,12 +3052,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3032,7 +3067,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3041,29 +3076,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3074,7 +3109,7 @@ msgstr "" "het domein alles daarna\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3082,7 +3117,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -3091,59 +3126,59 @@ msgstr "" "(?P<name>) om subpatronen aan te geven." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Standaard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3152,77 +3187,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3230,7 +3265,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3238,17 +3273,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3256,34 +3291,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3291,32 +3326,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3326,34 +3361,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3361,20 +3396,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +msgid "auto_private_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3382,29 +3453,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3412,12 +3483,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3426,12 +3497,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3439,19 +3510,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3468,7 +3539,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3476,17 +3547,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3495,7 +3566,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3505,7 +3576,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3525,12 +3596,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3538,73 +3609,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3612,17 +3683,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3631,17 +3702,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3649,17 +3720,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3667,17 +3738,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3688,64 +3759,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3775,7 +3846,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3784,7 +3855,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3792,7 +3863,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3840,7 +3911,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -3941,7 +4012,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4142,7 +4213,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4220,7 +4291,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4239,7 +4310,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4249,14 +4320,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "" @@ -4588,7 +4659,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4651,8 +4722,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" @@ -4667,7 +4738,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4799,105 +4870,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4905,34 +4986,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4940,7 +5021,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4950,7 +5031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4960,17 +5041,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4978,14 +5059,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4993,7 +5074,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5002,12 +5083,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5015,168 +5096,274 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" +#: sssd-ldap.5.xml:1216 +msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +#, fuzzy +#| msgid "full_name_format (string)" +msgid "ldap_host_name (string)" +msgstr "full_name_format (tekst)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +msgid "ldap_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: fqdn" +msgstr "Standaard: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_host_serverhostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: true" +msgid "Default: serverHostname" +msgstr "Standaard: true" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +msgid "ldap_host_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +msgid "ldap_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +msgid "ldap_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +msgid "ldap_host_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5184,7 +5371,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5192,12 +5379,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5205,12 +5392,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5221,12 +5408,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5235,12 +5422,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5249,34 +5436,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5284,14 +5471,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5299,17 +5486,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5319,12 +5506,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5332,17 +5519,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5350,13 +5537,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5365,7 +5552,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5373,26 +5560,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5400,7 +5587,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5408,7 +5595,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5416,41 +5603,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5459,32 +5646,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5492,24 +5679,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5517,17 +5704,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5538,29 +5725,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5569,17 +5756,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5587,49 +5774,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5637,27 +5824,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5669,7 +5856,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5677,7 +5864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5685,39 +5872,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5727,7 +5914,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5735,26 +5922,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5762,7 +5949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5770,31 +5957,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5803,56 +5990,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5868,12 +6055,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5882,14 +6069,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5898,24 +6085,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5923,19 +6110,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5944,7 +6131,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5952,7 +6139,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5961,7 +6148,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5969,22 +6156,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5994,14 +6181,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6014,12 +6201,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6029,7 +6216,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6039,63 +6226,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6104,74 +6291,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6182,7 +6369,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6190,26 +6377,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "wildcard_limit (integer)" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6224,12 +6411,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6237,208 +6424,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6446,101 +6633,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6549,111 +6736,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6662,32 +6849,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6696,22 +6883,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6720,14 +6907,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6735,7 +6922,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6748,27 +6935,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6784,13 +6971,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7196,7 +7383,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -8046,7 +8233,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8137,30 +8324,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8170,12 +8365,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8183,12 +8378,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8198,14 +8393,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8213,12 +8408,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8226,7 +8421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8234,17 +8429,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8253,7 +8448,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8261,24 +8456,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8286,22 +8481,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8313,12 +8508,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8326,230 +8521,217 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 #, fuzzy #| msgid "config_file_version (integer)" msgid "ipa_deskprofile_refresh (integer)" msgstr "config_file_version (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8557,36 +8739,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: true" msgid "Default: 60 (minutes)" msgstr "Standaard: true" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -8594,12 +8776,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8607,192 +8789,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8802,19 +9006,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8822,7 +9026,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8834,7 +9038,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8842,7 +9046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8878,7 +9082,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8926,8 +9130,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8935,20 +9147,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -8956,38 +9173,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -8995,7 +9212,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -9003,7 +9220,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -9011,19 +9228,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -9031,26 +9248,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -9058,19 +9275,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9081,12 +9298,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9095,7 +9312,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9104,7 +9321,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9113,14 +9330,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9133,7 +9350,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9142,7 +9359,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9160,24 +9377,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9186,7 +9403,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9195,12 +9412,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9210,14 +9427,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9230,23 +9455,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9254,22 +9479,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9277,12 +9502,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9290,14 +9515,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9305,7 +9530,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9317,78 +9542,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9396,7 +9621,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9404,7 +9629,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9412,7 +9637,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9424,22 +9649,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9447,7 +9672,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9455,7 +9680,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9463,7 +9688,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9475,22 +9700,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9498,14 +9723,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9513,7 +9738,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9525,17 +9750,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9543,14 +9768,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9558,7 +9783,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9569,19 +9794,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9589,7 +9814,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9601,39 +9826,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9641,12 +9866,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9659,57 +9884,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9717,17 +9942,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9737,12 +9962,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9753,19 +9978,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9775,12 +10000,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9788,7 +10013,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9803,7 +10028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9812,7 +10037,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9820,7 +10045,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9830,7 +10055,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10140,33 +10365,79 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:101 +#, fuzzy +#| msgid "" +#| "<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" +#| "replaceable>" +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "" +"<option>-r</option>,<option>--remove-group</option> <replaceable>GROEPEN</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10175,39 +10446,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10215,12 +10486,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10229,12 +10500,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10242,7 +10513,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12600,7 +12871,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" diff --git a/src/man/po/pt.po b/src/man/po/pt.po index ef9bfdba638..41f2e528942 100644 --- a/src/man/po/pt.po +++ b/src/man/po/pt.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2014-12-15 12:05-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/" @@ -314,9 +314,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -335,16 +335,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Padrão: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -369,8 +369,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Padrão: 10" @@ -385,7 +385,7 @@ msgid "The [sssd] section" msgstr "A seção [SSSD]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "Parâmetros de secção" @@ -413,7 +413,7 @@ msgstr "serviços" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -469,7 +469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "re_expression (string)" @@ -489,12 +489,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "full_name_format (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -502,39 +502,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -658,12 +658,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -850,8 +851,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -927,7 +928,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "Padrão: 60" @@ -982,12 +983,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "Padrão: 300" @@ -1065,7 +1066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "Padrão: 50" @@ -1083,7 +1084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "" @@ -1100,7 +1101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1170,7 +1171,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1304,12 +1305,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1324,23 +1325,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1351,96 +1359,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1448,59 +1456,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "Padrão: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1509,61 +1517,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1571,7 +1579,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1580,17 +1588,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1598,26 +1606,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1627,74 +1635,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "Padrão: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1702,19 +1710,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1722,12 +1730,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1735,58 +1743,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1797,26 +1805,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "sudo_threshold (integer)" msgstr "ldap_opt_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1826,22 +1834,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1849,68 +1857,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1921,7 +1929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1932,24 +1940,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1957,12 +1965,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1971,24 +1979,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -1998,34 +2006,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 #, fuzzy #| msgid "skel_dir (string)" msgid "scope (string)" msgstr "skel_dir (string)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 #, fuzzy #| msgid "" #| "Append this group to groups specified by the <replaceable>GROUPS</" @@ -2040,38 +2048,38 @@ msgstr "" "replaceable> é uma lista separada por vírgulas de nomes de grupo." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: none" msgid "Default: \"none\"" msgstr "Padrão: none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 #, fuzzy #| msgid "skel_dir (string)" msgid "users (string)" msgstr "skel_dir (string)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2079,21 +2087,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. Matches no users." msgstr "Padrão: empty, ou seja, ldap_uri é usado." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 #, fuzzy #| msgid "ldap_group_search_base (string)" msgid "groups (string)" msgstr "ldap_group_search_base (string)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2101,7 +2109,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2109,22 +2117,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "SECÇÕES DE DOMÍNIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2133,14 +2141,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2149,38 +2157,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2189,46 +2197,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Padrão: 1 para min_id, 0 (sem limite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "Padrão: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2236,18 +2253,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2256,39 +2275,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2297,19 +2316,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2320,151 +2339,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "Padrão: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2472,24 +2491,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2498,17 +2517,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "Padrão: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2517,33 +2536,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "id_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2551,8 +2570,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2561,8 +2580,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2570,19 +2589,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2591,7 +2610,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2599,22 +2618,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2626,7 +2645,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2634,19 +2653,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "auth_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2654,7 +2673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2662,30 +2681,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "access_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2693,19 +2712,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2714,7 +2733,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2722,29 +2741,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2752,7 +2771,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2760,35 +2779,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2796,32 +2815,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2831,13 +2850,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2845,7 +2873,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2853,31 +2881,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2885,7 +2913,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2894,19 +2922,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 #, fuzzy #| msgid "access_provider (string)" msgid "session_provider (string)" msgstr "access_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2914,36 +2942,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2951,7 +2986,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2959,7 +2994,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2967,24 +3002,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2992,12 +3027,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3007,7 +3042,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3016,29 +3051,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3046,7 +3081,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3054,66 +3089,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Default: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "Default: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3122,77 +3157,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Padrão: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "override_gid (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3200,7 +3235,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3208,17 +3243,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3226,34 +3261,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3261,32 +3296,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3296,34 +3331,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3331,20 +3366,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +#, fuzzy +#| msgid "auth_provider (string)" +msgid "auto_private_groups (string)" +msgstr "auth_provider (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3352,29 +3425,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3382,12 +3455,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3396,12 +3469,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3409,19 +3482,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3438,7 +3511,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3446,17 +3519,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3465,7 +3538,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3475,7 +3548,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3495,12 +3568,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "A secção de domínio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3508,73 +3581,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "default_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "Padrão: <filename>bash/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "base_directory (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "Padrão: <filename>/ home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "homedir_umask (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3582,17 +3655,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "Padrão: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "skel_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3601,17 +3674,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "Padrão: <filename>skel/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "mail_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3619,17 +3692,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "Padrão: <filename>mail/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "userdel_cmd (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3637,17 +3710,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "Padrão: None, nenhum comando é executado" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3658,64 +3731,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3769,7 +3842,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3778,7 +3851,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3786,7 +3859,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3834,7 +3907,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -3935,7 +4008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exemplos:" @@ -4140,7 +4213,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4218,7 +4291,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4237,7 +4310,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4247,14 +4320,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "Padrão: modifyTimestamp" @@ -4586,7 +4659,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4649,8 +4722,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Padrão: NC" @@ -4665,7 +4738,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4801,105 +4874,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4907,34 +4990,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4942,7 +5025,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4952,7 +5035,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4962,17 +5045,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4980,14 +5063,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4995,7 +5078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5004,12 +5087,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5017,168 +5100,288 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "Padrão: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" -msgstr "" +#: sssd-ldap.5.xml:1216 +#, fuzzy +#| msgid "ldap_search_base (string)" +msgid "ldap_host_object_class (string)" +msgstr "ldap_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +#, fuzzy +#| msgid "ipa_hostname (string)" +msgid "ldap_host_name (string)" +msgstr "ipa_hostname (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +#, fuzzy +#| msgid "ipa_hostname (string)" +msgid "ldap_host_fqdn (string)" +msgstr "ipa_hostname (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: fqdn" +msgstr "Padrão: NC" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +#, fuzzy +#| msgid "ipa_hostname (string)" +msgid "ldap_host_serverhostname (string)" +msgstr "ipa_hostname (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: none" +msgid "Default: serverHostname" +msgstr "Padrão: none" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +#, fuzzy +#| msgid "ldap_deref (string)" +msgid "ldap_host_member_of (string)" +msgstr "ldap_deref (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +#, fuzzy +#| msgid "ldap_search_base (string)" +msgid "ldap_host_search_base (string)" +msgstr "ldap_search_base (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +#, fuzzy +#| msgid "ldap_pwd_policy (string)" +msgid "ldap_host_ssh_public_key (string)" +msgstr "ldap_pwd_policy (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +#, fuzzy +#| msgid "ldap_sasl_authid (string)" +msgid "ldap_host_uuid (string)" +msgstr "ldap_sasl_authid (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5186,7 +5389,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5194,12 +5397,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5207,12 +5410,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5223,12 +5426,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5237,12 +5440,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5251,34 +5454,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "Padrão: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5286,14 +5489,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5301,17 +5504,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5321,12 +5524,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5334,17 +5537,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5352,13 +5555,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5367,7 +5570,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5375,19 +5578,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5396,7 +5599,7 @@ msgstr "" "qualquer certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5404,7 +5607,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5412,7 +5615,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5420,41 +5623,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "Padrão: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5463,32 +5666,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5496,24 +5699,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5521,17 +5724,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5542,29 +5745,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5573,17 +5776,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5591,50 +5794,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "Padrão: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Padrão: Sistema keytab, normalmente <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5642,27 +5845,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "Padrão: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5674,7 +5877,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5682,7 +5885,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5690,39 +5893,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5732,7 +5935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5740,26 +5943,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5767,7 +5970,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5775,31 +5978,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5808,56 +6011,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5873,12 +6076,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5887,14 +6090,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5903,24 +6106,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5928,19 +6131,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5949,7 +6152,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5957,7 +6160,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5966,7 +6169,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5974,22 +6177,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5999,14 +6202,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6019,12 +6222,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6034,7 +6237,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6044,63 +6247,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "Padrão: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6109,74 +6312,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "ldap_deref (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6187,7 +6390,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6195,26 +6398,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "wildcard_limit (integer)" msgstr "ldap_opt_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6229,12 +6432,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6242,208 +6445,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6451,101 +6654,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6554,111 +6757,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6667,32 +6870,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "OPÇÕES AVANÇADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6701,22 +6904,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6725,14 +6928,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6740,7 +6943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6753,27 +6956,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6789,13 +6992,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7201,7 +7404,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -8051,7 +8254,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8142,30 +8345,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "ipa_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8175,12 +8386,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "ipa_hostname (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8188,12 +8399,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8203,14 +8414,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8218,12 +8429,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8231,7 +8442,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8239,17 +8450,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8258,7 +8469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8266,24 +8477,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8291,22 +8502,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8318,12 +8529,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8331,232 +8542,219 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 #, fuzzy #| msgid "ipa_hbac_search_base (string)" msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_hbac_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "Default: Use base DN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 #, fuzzy #| msgid "config_file_version (integer)" msgid "ipa_deskprofile_refresh (integer)" msgstr "config_file_version (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8564,36 +8762,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: 0 (unlimited)" msgid "Default: 60 (minutes)" msgstr "Padrão: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -8601,12 +8799,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8614,192 +8812,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8809,19 +9029,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8829,7 +9049,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8841,7 +9061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8849,7 +9069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8885,7 +9105,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8933,8 +9153,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8942,20 +9170,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -8963,38 +9196,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -9002,7 +9235,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -9010,7 +9243,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -9018,19 +9251,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -9038,26 +9271,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -9065,19 +9298,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9088,12 +9321,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9102,7 +9335,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9111,7 +9344,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9120,14 +9353,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9140,7 +9373,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9149,7 +9382,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9167,24 +9400,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9193,7 +9426,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9202,12 +9435,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9217,14 +9450,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9237,23 +9478,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9261,22 +9502,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9284,12 +9525,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9297,14 +9538,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9312,7 +9553,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9324,78 +9565,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9403,7 +9644,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9411,7 +9652,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9419,7 +9660,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9431,22 +9672,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9454,7 +9695,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9462,7 +9703,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9470,7 +9711,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9482,22 +9723,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9505,14 +9746,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9520,7 +9761,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9532,17 +9773,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9550,14 +9791,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9565,7 +9806,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9576,19 +9817,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9596,7 +9837,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9608,39 +9849,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9648,12 +9889,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9666,57 +9907,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9724,17 +9965,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9744,12 +9985,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9760,19 +10001,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9782,12 +10023,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9795,7 +10036,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9810,7 +10051,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9819,7 +10060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9827,7 +10068,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9837,7 +10078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10151,33 +10392,75 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:101 +#, fuzzy +#| msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "Tornar-se um daemon após a instalação." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "Executar em primeiro plano, não se torne um daemon." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10186,39 +10469,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "Imprimir o número da versão e sair." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "Sinais" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "SIGTERM/SIGINT" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "SIGHUP" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10226,12 +10509,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10240,12 +10523,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10253,7 +10536,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12627,7 +12910,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" diff --git a/src/man/po/pt_BR.po b/src/man/po/pt_BR.po index c3aea7c3284..a1f25663dce 100644 --- a/src/man/po/pt_BR.po +++ b/src/man/po/pt_BR.po @@ -4,7 +4,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2017-01-29 10:11-0500\n" "Last-Translator: Rodrigo de Araujo Sousa Fonseca " "<rodrigodearaujo@fedoraproject.org>\n" @@ -290,9 +290,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -311,16 +311,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -345,8 +345,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -361,7 +361,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "" @@ -387,7 +387,7 @@ msgstr "" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -441,7 +441,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "" @@ -461,12 +461,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -474,39 +474,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -630,12 +630,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -822,8 +823,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -899,7 +900,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "" @@ -954,12 +955,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "" @@ -1037,7 +1038,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "" @@ -1055,7 +1056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "" @@ -1072,7 +1073,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1142,7 +1143,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1276,12 +1277,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1296,23 +1297,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1323,96 +1331,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1420,59 +1428,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1481,61 +1489,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1543,7 +1551,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1552,17 +1560,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1570,26 +1578,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1599,74 +1607,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1674,19 +1682,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1694,12 +1702,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1707,58 +1715,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1769,24 +1777,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1796,22 +1804,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1819,68 +1827,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1891,7 +1899,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1902,24 +1910,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1927,12 +1935,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1941,24 +1949,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -1968,66 +1976,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2035,17 +2043,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2053,7 +2061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2061,22 +2069,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2085,14 +2093,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2101,38 +2109,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2141,46 +2149,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2188,18 +2205,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2208,39 +2227,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2249,19 +2268,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2272,151 +2291,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2424,24 +2443,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2450,17 +2469,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2469,33 +2488,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2503,8 +2522,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2513,8 +2532,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2522,19 +2541,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2543,7 +2562,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2551,22 +2570,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2578,7 +2597,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2586,19 +2605,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2606,7 +2625,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2614,30 +2633,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2645,19 +2664,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2666,7 +2685,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2674,29 +2693,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2704,7 +2723,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2712,35 +2731,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2748,32 +2767,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2783,13 +2802,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2797,7 +2825,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2805,31 +2833,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2837,7 +2865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2846,17 +2874,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2864,36 +2892,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2901,7 +2936,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2909,7 +2944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2917,24 +2952,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2942,12 +2977,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2957,7 +2992,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2966,29 +3001,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2996,7 +3031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3004,66 +3039,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3072,77 +3107,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3150,7 +3185,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3158,17 +3193,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3176,34 +3211,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3211,32 +3246,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3246,34 +3281,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3281,20 +3316,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +msgid "auto_private_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3302,29 +3373,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3332,12 +3403,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3346,12 +3417,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3359,19 +3430,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3388,7 +3459,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3396,17 +3467,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3415,7 +3486,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3425,7 +3496,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3445,12 +3516,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3458,73 +3529,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3532,17 +3603,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3551,17 +3622,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3569,17 +3640,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3587,17 +3658,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3608,64 +3679,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3695,7 +3766,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3704,7 +3775,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3712,7 +3783,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3760,7 +3831,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -3861,7 +3932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4062,7 +4133,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4140,7 +4211,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4159,7 +4230,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4169,14 +4240,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "" @@ -4508,7 +4579,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4571,8 +4642,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" @@ -4587,7 +4658,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4717,105 +4788,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4823,34 +4904,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4858,7 +4939,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4868,7 +4949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4878,17 +4959,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4896,14 +4977,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4911,7 +4992,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4920,12 +5001,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4933,168 +5014,268 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" +#: sssd-ldap.5.xml:1216 +msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +msgid "ldap_host_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +msgid "ldap_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +msgid "Default: fqdn" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_host_serverhostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +msgid "Default: serverHostname" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +msgid "ldap_host_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +msgid "ldap_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +msgid "ldap_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +msgid "ldap_host_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5102,7 +5283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5110,12 +5291,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5123,12 +5304,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5139,12 +5320,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5153,12 +5334,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5167,34 +5348,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5202,14 +5383,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5217,17 +5398,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5237,12 +5418,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5250,17 +5431,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5268,13 +5449,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5283,7 +5464,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5291,26 +5472,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5318,7 +5499,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5326,7 +5507,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5334,41 +5515,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5377,32 +5558,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5410,24 +5591,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5435,17 +5616,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5456,29 +5637,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5487,17 +5668,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5505,49 +5686,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5555,27 +5736,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5587,7 +5768,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5595,7 +5776,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5603,39 +5784,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5645,7 +5826,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5653,26 +5834,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5680,7 +5861,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5688,31 +5869,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5721,56 +5902,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5786,12 +5967,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5800,14 +5981,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5816,24 +5997,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5841,19 +6022,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5862,7 +6043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5870,7 +6051,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5879,7 +6060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5887,22 +6068,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5912,14 +6093,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5932,12 +6113,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5947,7 +6128,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5957,63 +6138,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6022,74 +6203,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6100,7 +6281,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6108,24 +6289,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6140,12 +6321,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6153,208 +6334,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6362,101 +6543,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6465,111 +6646,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6578,32 +6759,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6612,22 +6793,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6636,14 +6817,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6651,7 +6832,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6664,27 +6845,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6700,13 +6881,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7112,7 +7293,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -7962,7 +8143,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8053,30 +8234,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8086,12 +8275,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8099,12 +8288,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8114,14 +8303,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8129,12 +8318,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8142,7 +8331,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8150,17 +8339,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8169,7 +8358,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8177,24 +8366,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8202,22 +8391,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8229,12 +8418,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8242,228 +8431,215 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8471,34 +8647,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -8506,12 +8682,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8519,192 +8695,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8714,19 +8912,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8734,7 +8932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8746,7 +8944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8754,7 +8952,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8790,7 +8988,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8838,8 +9036,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8847,20 +9053,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -8868,38 +9079,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -8907,7 +9118,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -8915,7 +9126,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -8923,19 +9134,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -8943,26 +9154,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -8970,19 +9181,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8993,12 +9204,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9007,7 +9218,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9016,7 +9227,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9025,14 +9236,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9045,7 +9256,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9054,7 +9265,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9072,24 +9283,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9098,7 +9309,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9107,12 +9318,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9122,14 +9333,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9142,23 +9361,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9166,22 +9385,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9189,12 +9408,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9202,14 +9421,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9217,7 +9436,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9229,78 +9448,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9308,7 +9527,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9316,7 +9535,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9324,7 +9543,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9336,22 +9555,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9359,7 +9578,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9367,7 +9586,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9375,7 +9594,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9387,22 +9606,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9410,14 +9629,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9425,7 +9644,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9437,17 +9656,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9455,14 +9674,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9470,7 +9689,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9481,19 +9700,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9501,7 +9720,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9513,39 +9732,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9553,12 +9772,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9571,57 +9790,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9629,17 +9848,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9649,12 +9868,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9665,19 +9884,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9687,12 +9906,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9700,7 +9919,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9715,7 +9934,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9724,7 +9943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9732,7 +9951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9742,7 +9961,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10052,33 +10271,73 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:101 +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10087,39 +10346,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10127,12 +10386,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10141,12 +10400,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10154,7 +10413,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12512,7 +12771,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" diff --git a/src/man/po/ru.po b/src/man/po/ru.po index 4f93a289be9..e0f90a83090 100644 --- a/src/man/po/ru.po +++ b/src/man/po/ru.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2014-12-15 12:07-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Russian (http://www.transifex.com/projects/p/sssd/language/" @@ -295,9 +295,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -316,16 +316,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "По умолчанию: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -350,8 +350,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "По умолчанию: 10" @@ -366,7 +366,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "" @@ -392,7 +392,7 @@ msgstr "службы" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -446,7 +446,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "" @@ -466,12 +466,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -479,39 +479,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -635,12 +635,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -827,8 +828,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -904,7 +905,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "" @@ -959,12 +960,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "" @@ -1042,7 +1043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "" @@ -1060,7 +1061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "По умолчанию: 15" @@ -1077,7 +1078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1147,7 +1148,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1281,12 +1282,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1301,23 +1302,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1328,96 +1336,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "По умолчанию: 0 (неограничено)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1425,59 +1433,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "По умолчанию: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "В настоящее время sssd поддерживает следующие значения:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "По умолчанию: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1486,61 +1494,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1548,7 +1556,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1557,17 +1565,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1575,26 +1583,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1604,74 +1612,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1679,19 +1687,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1699,12 +1707,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1712,58 +1720,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1774,24 +1782,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1801,22 +1809,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1824,68 +1832,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1896,7 +1904,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1907,24 +1915,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1932,12 +1940,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1946,24 +1954,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -1973,68 +1981,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: 3" msgid "Default: \"none\"" msgstr "По умолчанию: 3" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2042,17 +2050,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2060,7 +2068,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2068,22 +2076,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2092,14 +2100,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2108,38 +2116,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2148,46 +2156,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "По умолчанию: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2195,18 +2212,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2215,39 +2234,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2256,19 +2275,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2279,151 +2298,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2431,24 +2450,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2457,17 +2476,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2476,33 +2495,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2510,8 +2529,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2520,8 +2539,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2529,19 +2548,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2550,7 +2569,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2558,22 +2577,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2585,7 +2604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2593,19 +2612,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2613,7 +2632,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2621,30 +2640,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2652,19 +2671,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2673,7 +2692,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2681,29 +2700,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2711,7 +2730,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2719,35 +2738,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2755,32 +2774,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2790,13 +2809,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2804,7 +2832,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2812,31 +2840,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2844,7 +2872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2853,17 +2881,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2871,36 +2899,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2908,7 +2943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2916,7 +2951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2924,24 +2959,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2949,12 +2984,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2964,7 +2999,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2973,29 +3008,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3003,7 +3038,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3011,66 +3046,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "По умолчанию: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "Поддерживаемые значения:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3079,77 +3114,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "По умолчанию: использовать доменное имя из hostname" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3157,7 +3192,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3165,17 +3200,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3183,34 +3218,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3218,32 +3253,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3253,34 +3288,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3288,20 +3323,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +msgid "auto_private_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3309,29 +3380,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3339,12 +3410,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3353,12 +3424,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3366,19 +3437,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3395,7 +3466,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3403,17 +3474,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3422,7 +3493,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3432,7 +3503,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3452,12 +3523,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3465,73 +3536,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "По умолчанию: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "По умолчанию: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3539,17 +3610,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "По умолчанию: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3558,17 +3629,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "По умолчанию: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3576,17 +3647,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "По умолчанию: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3594,17 +3665,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3615,64 +3686,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3702,7 +3773,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3711,7 +3782,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3719,7 +3790,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3767,7 +3838,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -3868,7 +3939,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4069,7 +4140,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4147,7 +4218,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4166,7 +4237,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4176,14 +4247,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "По умолчанию: modifyTimestamp" @@ -4515,7 +4586,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4578,8 +4649,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" @@ -4594,7 +4665,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4728,105 +4799,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4834,34 +4915,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4869,7 +4950,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4879,7 +4960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4889,17 +4970,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4907,14 +4988,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4922,7 +5003,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4931,12 +5012,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4944,168 +5025,272 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" +#: sssd-ldap.5.xml:1216 +msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +msgid "ldap_host_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +msgid "ldap_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: fqdn" +msgstr "По умолчанию: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_host_serverhostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: root" +msgid "Default: serverHostname" +msgstr "По умолчанию: root" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +msgid "ldap_host_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +msgid "ldap_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +msgid "ldap_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +msgid "ldap_host_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5113,7 +5298,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5121,12 +5306,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5134,12 +5319,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5150,12 +5335,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5164,12 +5349,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5178,34 +5363,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5213,14 +5398,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5228,17 +5413,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5248,12 +5433,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5261,17 +5446,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5279,13 +5464,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5294,7 +5479,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5302,26 +5487,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5329,7 +5514,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5337,7 +5522,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5345,41 +5530,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5388,32 +5573,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5421,24 +5606,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5446,17 +5631,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5467,29 +5652,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5498,17 +5683,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5516,49 +5701,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5566,27 +5751,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5598,7 +5783,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5606,7 +5791,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5614,39 +5799,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5656,7 +5841,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5664,26 +5849,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5691,7 +5876,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5699,31 +5884,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5732,56 +5917,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5797,12 +5982,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5811,14 +5996,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5827,24 +6012,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5852,19 +6037,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5873,7 +6058,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5881,7 +6066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5890,7 +6075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5898,22 +6083,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5923,14 +6108,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5943,12 +6128,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5958,7 +6143,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5968,63 +6153,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6033,74 +6218,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6111,7 +6296,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6119,24 +6304,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6151,12 +6336,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6164,208 +6349,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6373,101 +6558,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6476,111 +6661,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6589,32 +6774,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6623,22 +6808,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6647,14 +6832,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "ПРИМЕР" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6662,7 +6847,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6675,27 +6860,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6711,13 +6896,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7123,7 +7308,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -7973,7 +8158,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8064,30 +8249,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8097,12 +8290,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8110,12 +8303,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8125,14 +8318,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8140,12 +8333,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8153,7 +8346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8161,17 +8354,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8180,7 +8373,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8188,24 +8381,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8213,22 +8406,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8240,12 +8433,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8253,230 +8446,217 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 #, fuzzy #| msgid "reconnection_retries (integer)" msgid "ipa_deskprofile_refresh (integer)" msgstr "попыток_соединения (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8484,36 +8664,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: 0 (No limit)" msgid "Default: 60 (minutes)" msgstr "По умолчанию: 0 (неограничено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -8521,12 +8701,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8534,192 +8714,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8729,19 +8931,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8749,7 +8951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8761,7 +8963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8769,7 +8971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8805,7 +9007,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8853,8 +9055,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8862,20 +9072,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -8883,38 +9098,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -8922,7 +9137,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -8930,7 +9145,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -8938,19 +9153,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -8958,26 +9173,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -8985,19 +9200,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9008,12 +9223,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9022,7 +9237,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9031,7 +9246,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9040,14 +9255,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9060,7 +9275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9069,7 +9284,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9087,24 +9302,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9113,7 +9328,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9122,12 +9337,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9137,14 +9352,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9157,23 +9380,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9181,22 +9404,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9204,12 +9427,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9217,14 +9440,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9232,7 +9455,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9244,78 +9467,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9323,7 +9546,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9331,7 +9554,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9339,7 +9562,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9351,22 +9574,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9374,7 +9597,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9382,7 +9605,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9390,7 +9613,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9402,22 +9625,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9425,14 +9648,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9440,7 +9663,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9452,17 +9675,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9470,14 +9693,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9485,7 +9708,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9496,19 +9719,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9516,7 +9739,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9528,39 +9751,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9568,12 +9791,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9586,57 +9809,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9644,17 +9867,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9664,12 +9887,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9680,19 +9903,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9702,12 +9925,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9715,7 +9938,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9730,7 +9953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9739,7 +9962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9747,7 +9970,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9757,7 +9980,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10067,33 +10290,73 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:101 +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10102,39 +10365,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10142,12 +10405,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10156,12 +10419,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10169,7 +10432,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12527,7 +12790,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index d6f6ac3b732..2062228e573 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.15.4\n" +"Project-Id-Version: sssd-docs 1.16.1\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -254,7 +254,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -271,12 +271,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 +#: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -299,7 +299,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -314,7 +314,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "" @@ -340,7 +340,7 @@ msgstr "" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -395,7 +395,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "" @@ -415,12 +415,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> " "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " @@ -429,39 +429,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -585,7 +585,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -772,7 +772,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -847,7 +847,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "" @@ -902,12 +902,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "" @@ -985,7 +985,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "" @@ -1003,7 +1003,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "" @@ -1020,7 +1020,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1088,7 +1088,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1222,12 +1222,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1242,23 +1242,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1270,96 +1277,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1367,59 +1374,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during " "authentication. The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1428,61 +1435,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1490,7 +1497,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a " @@ -1500,17 +1507,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1518,7 +1525,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be " @@ -1526,19 +1533,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting " "<emphasis>pwd_expiration_warning</emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1548,72 +1555,72 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1621,19 +1628,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1641,12 +1648,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1654,56 +1661,56 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> " @@ -1715,24 +1722,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1743,22 +1750,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1766,68 +1773,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1838,7 +1845,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1849,24 +1856,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1874,12 +1881,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1888,24 +1895,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> " @@ -1916,66 +1923,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording " "enabled. Matches user names as returned by NSS. I.e. after the possible " @@ -1983,17 +1990,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2001,7 +2008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2009,22 +2016,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2033,14 +2040,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2049,38 +2056,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For " @@ -2089,46 +2096,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2136,18 +2152,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the " +"<quote>sssd_be</quote> process becoming unresponsive or even restarted by " +"the internal watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2156,39 +2174,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2197,19 +2215,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2220,150 +2238,150 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the " "cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2371,24 +2389,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2397,17 +2415,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2416,34 +2434,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2451,7 +2469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2460,7 +2478,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -2468,19 +2486,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified " "names. For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2489,7 +2507,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2497,22 +2515,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2524,7 +2542,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2532,19 +2550,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2552,7 +2570,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -2560,29 +2578,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2590,19 +2608,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " @@ -2611,7 +2629,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> " @@ -2620,29 +2638,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -2651,7 +2669,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -2659,34 +2677,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2694,31 +2712,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2728,13 +2746,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2742,7 +2769,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2751,31 +2778,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2784,7 +2811,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2793,17 +2820,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2811,34 +2838,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2846,7 +2880,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> " @@ -2854,7 +2888,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -2862,24 +2896,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2888,12 +2922,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2903,7 +2937,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: " "<quote>(((?P<domain>[^\\\\]+)\\\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\\\]+)$))</quote> " @@ -2911,29 +2945,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2941,7 +2975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2949,66 +2983,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " "(?P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is " @@ -3017,76 +3051,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3094,7 +3128,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3102,17 +3136,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3120,34 +3154,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3155,32 +3189,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3190,32 +3224,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3223,20 +3257,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +msgid "auto_private_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called " @@ -3245,29 +3315,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3275,12 +3345,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3289,12 +3359,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3302,19 +3372,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> " "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> " @@ -3332,7 +3402,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3340,17 +3410,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3359,7 +3429,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3369,7 +3439,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3389,12 +3459,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3402,73 +3472,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3476,17 +3546,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3495,17 +3565,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3513,17 +3583,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3531,17 +3601,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called " @@ -3552,64 +3622,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3639,7 +3709,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3648,7 +3718,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3656,7 +3726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3705,7 +3775,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" msgstr "" @@ -3804,7 +3874,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 sss_override.8.xml:137 sss_override.8.xml:234 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4004,7 +4074,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4082,7 +4152,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4101,7 +4171,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4111,14 +4181,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "" @@ -4452,7 +4522,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4515,7 +4585,7 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" @@ -4530,7 +4600,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4660,105 +4730,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4766,34 +4846,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups " "(e.g. RFC2307bis), then this option controls how many levels of nesting SSSD " @@ -4801,7 +4881,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4811,7 +4891,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4821,17 +4901,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4839,14 +4919,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4854,7 +4934,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink " @@ -4863,12 +4943,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4876,166 +4956,265 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" +#: sssd-ldap.5.xml:1216 +msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +msgid "ldap_host_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +msgid "ldap_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +msgid "Default: fqdn" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_host_serverhostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +msgid "Default: serverHostname" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +msgid "ldap_host_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +msgid "ldap_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +msgid "ldap_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +msgid "ldap_host_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5043,7 +5222,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5051,12 +5230,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5064,12 +5243,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " @@ -5080,12 +5259,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5094,12 +5273,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5108,34 +5287,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single " "request. Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5143,7 +5322,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use " @@ -5151,7 +5330,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5159,17 +5338,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5179,12 +5358,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5192,17 +5371,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5210,12 +5389,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5224,7 +5403,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5232,26 +5411,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5259,7 +5438,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5267,7 +5446,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5275,41 +5454,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in " "<filename>/etc/openldap/ldap.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5318,32 +5497,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5351,24 +5530,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5376,17 +5555,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5397,29 +5576,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5429,17 +5608,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5447,49 +5626,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5497,27 +5676,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of " @@ -5529,7 +5708,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5537,7 +5716,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of " "SSSD. While the legacy name is recognized for the time being, users are " @@ -5546,39 +5725,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5588,7 +5767,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> " "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> " @@ -5597,26 +5776,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client " "side. The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use " "<citerefentry><refentrytitle>shadow</refentrytitle> " @@ -5625,7 +5804,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5633,31 +5812,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5666,56 +5845,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5732,12 +5911,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5746,14 +5925,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5762,24 +5941,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5787,19 +5966,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5808,7 +5987,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " "<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " @@ -5816,7 +5995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5825,7 +6004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>expire</quote> in order for the " @@ -5833,22 +6012,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5858,7 +6037,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the " "<quote>ppolicy</quote> option and might be removed in a future release. " @@ -5866,7 +6045,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5879,12 +6058,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5894,7 +6073,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5904,38 +6083,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control " @@ -5943,24 +6122,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5969,74 +6148,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6047,7 +6226,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6055,24 +6234,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6087,12 +6266,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6100,208 +6279,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval " "</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6309,100 +6488,100 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is " "<emphasis>false</emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6411,112 +6590,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise " "automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder " "type=\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" " @@ -6526,32 +6705,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6560,22 +6739,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6584,12 +6763,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 sssd-files.5.xml:71 sssd-session-recording.5.xml:144 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6597,7 +6776,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6610,24 +6789,24 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 sssd-files.5.xml:78 sssd-session-recording.5.xml:150 include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 sssd-files.5.xml:78 sssd-session-recording.5.xml:150 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6643,12 +6822,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7058,7 +7237,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " @@ -7906,7 +8085,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -7999,30 +8178,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to " +"<quote>ipa</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8032,12 +8219,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8045,12 +8232,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8060,14 +8247,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old " "<emphasis>ipa_dyndns_update</emphasis> option, users should migrate to using " @@ -8075,12 +8262,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8088,7 +8275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old " "<emphasis>ipa_dyndns_ttl</emphasis> option, users should migrate to using " @@ -8096,17 +8283,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8115,7 +8302,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old " "<emphasis>ipa_dyndns_iface</emphasis> option, users should migrate to using " @@ -8123,24 +8310,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8148,22 +8335,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8176,12 +8363,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8189,226 +8376,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8416,34 +8591,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8451,12 +8626,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8464,192 +8639,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8659,19 +8856,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8679,7 +8876,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of " "sssd.conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8691,7 +8888,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -8699,7 +8896,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8736,7 +8933,7 @@ msgid "" "server. This provider requires that the machine be joined to the AD domain " "and a keytab is available. Back end communication occurs over a " "GSSAPI-encrypted channel, SSL/TLS options should not be used with the AD " -"provider and will be superceded by Kerberos usage." +"provider and will be superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8784,8 +8981,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to " +"<quote>ad</quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8793,20 +8998,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as " "case-insensitive in the AD provider for compatibility with Active " @@ -8814,38 +9024,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -8853,7 +9063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -8861,7 +9071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -8869,19 +9079,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -8889,26 +9099,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -8916,19 +9126,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8939,12 +9149,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the " @@ -8953,7 +9163,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or " "forest. This extended filter would consist of: " @@ -8962,7 +9172,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then " "<quote>NAME</quote> specifies the domain or subdomain the filter applies " @@ -8971,14 +9181,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full " @@ -8991,7 +9201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the " @@ -9000,7 +9210,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9018,24 +9228,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9044,7 +9254,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9053,12 +9263,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9068,14 +9278,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9088,22 +9306,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9111,22 +9329,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9134,12 +9352,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9147,14 +9365,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9162,7 +9380,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9174,77 +9392,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9252,7 +9470,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9260,7 +9478,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9268,7 +9486,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9280,22 +9498,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9303,7 +9521,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9311,7 +9529,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9319,7 +9537,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9331,22 +9549,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9354,14 +9572,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9369,7 +9587,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9381,17 +9599,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9399,14 +9617,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9414,7 +9632,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using " "<quote>+service_name</quote>. Since the default set is empty, it is not " @@ -9425,19 +9643,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9445,7 +9663,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9457,39 +9675,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9497,12 +9715,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9515,57 +9733,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9573,17 +9791,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal " "task. The option expects 2 integers separated by a colon (':'). The first " @@ -9593,12 +9811,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9609,19 +9827,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9631,12 +9849,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -9644,7 +9862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9659,7 +9877,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9668,7 +9886,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9676,7 +9894,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9686,7 +9904,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -9997,33 +10215,73 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by " +"<option>--logger=files</option>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:101 +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is " "<filename>/etc/sssd/sssd.conf</filename>. For reference on the config file " @@ -10033,39 +10291,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10073,12 +10331,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10087,12 +10345,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10100,7 +10358,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12473,7 +12731,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" diff --git a/src/man/po/tg.po b/src/man/po/tg.po index ac019052bb1..3c83f81f548 100644 --- a/src/man/po/tg.po +++ b/src/man/po/tg.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2014-12-15 12:10-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/" @@ -293,9 +293,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Пешфарз: true" @@ -314,16 +314,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Пешфарз: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -348,8 +348,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Пешфарз: 10" @@ -364,7 +364,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "" @@ -390,7 +390,7 @@ msgstr "" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -444,7 +444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "" @@ -464,12 +464,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -477,39 +477,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -633,12 +633,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -825,8 +826,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -902,7 +903,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "" @@ -957,12 +958,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "" @@ -1040,7 +1041,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "Пешфарз: 50" @@ -1058,7 +1059,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "Пешфарз: 15" @@ -1075,7 +1076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "Пешфарз: 0" @@ -1145,7 +1146,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1279,12 +1280,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1299,23 +1300,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1326,96 +1334,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "Пешфарз: 0 (Номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1423,59 +1431,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "Пешфарз: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "Пешфарз: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1484,61 +1492,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1546,7 +1554,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1555,17 +1563,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1573,26 +1581,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1602,74 +1610,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1677,19 +1685,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1697,12 +1705,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1710,58 +1718,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1772,24 +1780,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1799,22 +1807,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1822,68 +1830,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1894,7 +1902,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1905,24 +1913,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1930,12 +1938,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1944,24 +1952,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -1971,68 +1979,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: 3" msgid "Default: \"none\"" msgstr "Пешфарз: 3" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2040,17 +2048,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2058,7 +2066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2066,22 +2074,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2090,14 +2098,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2106,38 +2114,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2146,46 +2154,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "Пешфарз: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2193,18 +2210,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2213,39 +2232,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2254,19 +2273,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2277,151 +2296,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "Пешфарз: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2429,24 +2448,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2455,17 +2474,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "Пешфарз: 0 (номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2474,33 +2493,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2508,8 +2527,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2518,8 +2537,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2527,19 +2546,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2548,7 +2567,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2556,22 +2575,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2583,7 +2602,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2591,19 +2610,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2611,7 +2630,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2619,30 +2638,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2650,19 +2669,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2671,7 +2690,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2679,29 +2698,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2709,7 +2728,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2717,35 +2736,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2753,32 +2772,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2788,13 +2807,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2802,7 +2830,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2810,31 +2838,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2842,7 +2870,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2851,17 +2879,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2869,36 +2897,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2906,7 +2941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2914,7 +2949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2922,24 +2957,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2947,12 +2982,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2962,7 +2997,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2971,29 +3006,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3001,7 +3036,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3009,66 +3044,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3077,77 +3112,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Пешфарз: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3155,7 +3190,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3163,17 +3198,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3181,34 +3216,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3216,32 +3251,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3251,34 +3286,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3286,20 +3321,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +msgid "auto_private_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3307,29 +3378,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3337,12 +3408,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3351,12 +3422,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3364,19 +3435,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3393,7 +3464,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3401,17 +3472,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3420,7 +3491,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3430,7 +3501,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3450,12 +3521,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3463,73 +3534,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "Пешфарз: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3537,17 +3608,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3556,17 +3627,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3574,17 +3645,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3592,17 +3663,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3613,64 +3684,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3700,7 +3771,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3709,7 +3780,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3717,7 +3788,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3765,7 +3836,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -3866,7 +3937,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Намунаҳо:" @@ -4067,7 +4138,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4145,7 +4216,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4164,7 +4235,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4174,14 +4245,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "" @@ -4513,7 +4584,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4576,8 +4647,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" @@ -4592,7 +4663,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4724,105 +4795,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4830,34 +4911,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4865,7 +4946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4875,7 +4956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4885,17 +4966,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "Пешфарз: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4903,14 +4984,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4918,7 +4999,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4927,12 +5008,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4940,168 +5021,272 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" +#: sssd-ldap.5.xml:1216 +msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +msgid "ldap_host_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +msgid "ldap_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: fqdn" +msgstr "Пешфарз: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_host_serverhostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: root" +msgid "Default: serverHostname" +msgstr "Пешфарз: root" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +msgid "ldap_host_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +msgid "ldap_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +msgid "ldap_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +msgid "ldap_host_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5109,7 +5294,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5117,12 +5302,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5130,12 +5315,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5146,12 +5331,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5160,12 +5345,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5174,34 +5359,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5209,14 +5394,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5224,17 +5409,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5244,12 +5429,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5257,17 +5442,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5275,13 +5460,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5290,7 +5475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5298,26 +5483,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5325,7 +5510,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5333,7 +5518,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5341,41 +5526,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5384,32 +5569,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5417,24 +5602,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5442,17 +5627,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5463,29 +5648,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5494,17 +5679,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5512,49 +5697,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "Пешфарз: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5562,27 +5747,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5594,7 +5779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5602,7 +5787,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5610,39 +5795,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5652,7 +5837,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5660,26 +5845,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5687,7 +5872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5695,31 +5880,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5728,56 +5913,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5793,12 +5978,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "Намуна:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5807,14 +5992,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5823,24 +6008,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5848,19 +6033,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5869,7 +6054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5877,7 +6062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5886,7 +6071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5894,22 +6079,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5919,14 +6104,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5939,12 +6124,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5954,7 +6139,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5964,63 +6149,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6029,74 +6214,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6107,7 +6292,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6115,24 +6300,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6147,12 +6332,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6160,208 +6345,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6369,101 +6554,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6472,111 +6657,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6585,32 +6770,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6619,22 +6804,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6643,14 +6828,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "НАМУНА" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6658,7 +6843,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6671,27 +6856,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6707,13 +6892,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЭЗОҲҲО" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7119,7 +7304,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -7969,7 +8154,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8060,30 +8245,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8093,12 +8286,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8106,12 +8299,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8121,14 +8314,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8136,12 +8329,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8149,7 +8342,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8157,17 +8350,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8176,7 +8369,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8184,24 +8377,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8209,22 +8402,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8236,12 +8429,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8249,228 +8442,215 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8478,36 +8658,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: 0 (unlimited)" msgid "Default: 60 (minutes)" msgstr "Пешфарз: 0 (номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -8515,12 +8695,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8528,192 +8708,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8723,19 +8925,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8743,7 +8945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8755,7 +8957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8763,7 +8965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8799,7 +9001,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8847,8 +9049,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8856,20 +9066,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -8877,38 +9092,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -8916,7 +9131,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -8924,7 +9139,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -8932,19 +9147,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -8952,26 +9167,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -8979,19 +9194,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9002,12 +9217,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9016,7 +9231,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9025,7 +9240,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9034,14 +9249,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9054,7 +9269,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9063,7 +9278,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9081,24 +9296,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9107,7 +9322,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9116,12 +9331,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9131,14 +9346,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9151,23 +9374,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9175,22 +9398,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9198,12 +9421,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9211,14 +9434,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9226,7 +9449,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9238,78 +9461,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9317,7 +9540,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9325,7 +9548,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9333,7 +9556,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9345,22 +9568,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9368,7 +9591,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9376,7 +9599,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9384,7 +9607,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9396,22 +9619,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9419,14 +9642,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9434,7 +9657,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9446,17 +9669,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9464,14 +9687,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9479,7 +9702,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9490,19 +9713,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9510,7 +9733,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9522,39 +9745,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9562,12 +9785,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9580,57 +9803,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9638,17 +9861,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9658,12 +9881,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9674,19 +9897,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9696,12 +9919,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9709,7 +9932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9724,7 +9947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9733,7 +9956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9741,7 +9964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9751,7 +9974,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10061,33 +10284,73 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:101 +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10096,39 +10359,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10136,12 +10399,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10150,12 +10413,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10163,7 +10426,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12521,7 +12784,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" diff --git a/src/man/po/uk.po b/src/man/po/uk.po index 97ed53c649e..5daf2d5e416 100644 --- a/src/man/po/uk.po +++ b/src/man/po/uk.po @@ -12,7 +12,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2017-07-31 03:21-0400\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Ukrainian (http://www.transifex.com/projects/p/sssd/language/" @@ -359,9 +359,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Типове значення: true" @@ -383,16 +383,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Типове значення: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -421,8 +421,8 @@ msgstr "" "самостійно." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Типове значення: 10" @@ -437,7 +437,7 @@ msgid "The [sssd] section" msgstr "Розділ [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "Параметри розділу" @@ -462,10 +462,16 @@ msgstr "services" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:205 +#, fuzzy +#| msgid "" +#| "Comma separated list of services that are started when sssd itself " +#| "starts. <phrase condition=\"have_systemd\"> The services' list is " +#| "optional on platforms where systemd is supported, as they will either be " +#| "socket or dbus activated when needed. </phrase>" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" "Список служб, відокремлених комами, які запускаються разом із sssd. <phrase " @@ -539,7 +545,7 @@ msgstr "" "ASCII, дефісів, крапок та знаків підкреслювання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "re_expression (рядок)" @@ -565,12 +571,12 @@ msgstr "" "ДОМЕНІВ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "full_name_format (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -582,32 +588,32 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "ім’я користувача" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "назва домену у форматі, вказаному у файлі налаштувань SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -616,7 +622,7 @@ msgstr "" "Directory, налаштованих та автоматично виявлених за зв’язками довіри IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -783,12 +789,13 @@ msgstr "" "use_fully_qualified_names рівним False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "Типове значення: not set" @@ -1017,8 +1024,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "Типове значення: не встановлено" @@ -1115,7 +1122,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "Типове значення: 60" @@ -1174,13 +1181,22 @@ msgstr "responder_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:695 +#, fuzzy +#| msgid "" +#| "This option specifies the number of seconds that an SSSD responder " +#| "process can be up without being used. This value is limited in order to " +#| "avoid resource exhaustion on the system. The minimum acceptable value " +#| "for this option is 60 seconds. Setting this option to 0 (zero) means " +#| "that no timeout will be set up to the responder. This option only has " +#| "effect when SSSD is built with systemd support and when services are " +#| "either socket or dbus activated." msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" "Цей параметр визначає кількість секунд, протягом яких процес відповідача " @@ -1192,7 +1208,7 @@ msgstr "" "і якщо служби активуються за допомогою або сокетів або D-Bus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "Типове значення: 300" @@ -1289,7 +1305,7 @@ msgstr "" "можливість." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "Типове значення: 50" @@ -1310,7 +1326,7 @@ msgstr "" "даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "Типове значення: 15" @@ -1330,7 +1346,7 @@ msgstr "" "шукати їх за допомогою модуля надання даних." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "Типове значення: 0" @@ -1418,7 +1434,7 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "приклад: <placeholder type=\"programlisting\" id=\"0\"/>" @@ -1586,12 +1602,12 @@ msgstr "" "зазвичай /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1606,15 +1622,26 @@ msgstr "memcache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:976 +#, fuzzy +#| msgid "" +#| "Specifies time in seconds for which records in the in-memory cache will " +#| "be valid." msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" "Визначає час у секундах, протягом якого список піддоменів вважатиметься " "чинним." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." @@ -1624,12 +1651,12 @@ msgstr "" "пам’яті." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1646,7 +1673,7 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше), але без типових значень." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." @@ -1655,19 +1682,19 @@ msgstr "" "на те, чи не встановлено його для відповідача NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" "Типове значення: не встановлено, резервне значення визначається за " "параметром InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "pwfield (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." @@ -1676,13 +1703,13 @@ msgstr "" "груп, для поля <quote>password</quote>." #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" "Значення цього параметра можна встановлювати для кожного з доменів окремо." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" @@ -1691,12 +1718,12 @@ msgstr "" "(файловий домен)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "Параметри налаштування PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1705,12 +1732,12 @@ msgstr "" "Authentication Module (PAM або блокового модуля розпізнавання)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1720,17 +1747,17 @@ msgstr "" "входу до системи)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1739,12 +1766,12 @@ msgstr "" "дозволену кількість спроб входу з визначенням помилкового пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1754,7 +1781,7 @@ msgstr "" "системи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1766,17 +1793,17 @@ msgstr "" "увімкнути можливість автономного розпізнавання." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "Типове значення: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1785,43 +1812,43 @@ msgstr "" "розпізнавання. Чим більшим є значення, тим більше повідомлень буде показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "У поточній версії sssd передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: не показувати жодних повідомлень" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: показувати лише важливі повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: показувати всі інформаційні повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: показувати всі повідомлення та діагностичні дані" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "Типове значення: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "pam_response_filter (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 #, fuzzy #| msgid "" #| "A comma separated list of strings which allows to remove (filter) data " @@ -1841,7 +1868,7 @@ msgstr "" "встановлювати за допомогою pam_sss." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." @@ -1851,43 +1878,43 @@ msgstr "" "повідомлень." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "ENV" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 #, fuzzy #| msgid "Do not sent any environment variables to any service." msgid "Do not send any environment variables to any service." msgstr "Не надсилати жодних змінних середовища до жодної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "ENV:назва_змінної" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 #, fuzzy #| msgid "Do not sent environment variable var_name to any service." msgid "Do not send environment variable var_name to any service." msgstr "Не надсилати змінної середовища назва_змінної до жодної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "ENV:назва_змінної:служба" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 #, fuzzy #| msgid "Do not sent environment variable var_name to service." msgid "Do not send environment variable var_name to service." msgstr "Не надсилати змінної середовища назва_змінної до вказаної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" @@ -1896,17 +1923,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "Приклад: ENV:KRB5CCNAME:sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1917,7 +1944,7 @@ msgstr "" "що розпізнавання виконується на основі найсвіжіших даних." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1931,18 +1958,18 @@ msgstr "" "надання даних профілів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" "Показати попередження за вказану кількість днів перед завершенням дії пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1953,7 +1980,7 @@ msgstr "" "попередження." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1963,7 +1990,7 @@ msgstr "" "буде автоматично показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1972,12 +1999,12 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> для окремого домену." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1993,13 +2020,13 @@ msgstr "" "під час запуску системи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" "Типове значення: типово усі користувачі вважаються надійними (довіреними)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." @@ -2008,12 +2035,12 @@ msgstr "" "відповідача PAM, навіть якщо користувача немає у списку pam_trusted_users." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "pam_public_domains (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." @@ -2022,12 +2049,12 @@ msgstr "" "отримувати навіть ненадійні користувачі." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "Визначено два спеціальних значення параметра pam_public_domains:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" @@ -2035,7 +2062,7 @@ msgstr "" "PAM.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -2044,18 +2071,18 @@ msgstr "" "відповідачі.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "Типове значення: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." @@ -2064,7 +2091,7 @@ msgstr "" "замінити типове повідомлення «Доступ заборонено» («Permission denied»)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." @@ -2074,7 +2101,7 @@ msgstr "" "(показувати усі повідомлення і діагностичні дані)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2084,12 +2111,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "pam_account_locked_message (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." @@ -2098,7 +2125,7 @@ msgstr "" "типове повідомлення «Доступ заборонено» («Permission denied»)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2108,12 +2135,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "pam_cert_auth (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2124,19 +2151,19 @@ msgstr "" "розпізнавання, типово таку сертифікацію вимкнено." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Типове значення: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "pam_cert_db_path (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." @@ -2145,29 +2172,29 @@ msgstr "" "смарткартки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "Типове значення: /etc/pki/nssdb (версія NSS)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "p11_child_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" "Час у секундах, протягом якого pam_sss очікуватиме на завершення роботи " "p11_child." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "pam_app_services (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" @@ -2176,12 +2203,12 @@ msgstr "" "типу <quote>application</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "Параметри налаштування SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2199,12 +2226,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "sudo_timed (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2213,14 +2240,14 @@ msgstr "" "призначені для визначення часових обмежень для записів sudoers." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "sudo_threshold (integer)" msgstr "ldap_deref_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2230,22 +2257,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "Параметри налаштування AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "Цими параметрами можна скористатися для налаштування служби autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2256,22 +2283,22 @@ msgstr "" "базі даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "Параметри налаштувань SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "Цими параметрами можна скористатися для налаштування служби SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2279,12 +2306,12 @@ msgstr "" "Чи слід хешувати назви та адреси вузлів у керованому файлі known_hosts." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2293,17 +2320,17 @@ msgstr "" "файлі known_hosts після надсилання запиту щодо ключів вузла." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "Типове значення: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "ca_db (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." @@ -2312,17 +2339,17 @@ msgstr "" "перевірки сертифікатів користувачів до отримання з них відкритих ключів ssh." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "Типове значення: /etc/pki/nssdb" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "Параметри налаштування відповідача PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2340,7 +2367,7 @@ msgstr "" "декодовано і визначено, виконуються деякі з таких дій:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2358,7 +2385,7 @@ msgstr "" "параметра default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2367,18 +2394,18 @@ msgstr "" "додано до цих груп." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" "Цими параметрами можна скористатися для налаштовування відповідача PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2389,14 +2416,14 @@ msgstr "" "іменами користувачів визначатимуться під час запуску." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Типове значення: 0 (доступ до відповідача PAC має лише адміністративний " "користувач (root))" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2410,12 +2437,12 @@ msgstr "" "запис 0." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "pac_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." @@ -2424,14 +2451,14 @@ msgstr "" "використовувати для визначення членства користувача у групі." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 #, fuzzy #| msgid "PAC responder configuration options" msgid "Session recording configuration options" msgstr "Параметри налаштування відповідача PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 #, fuzzy #| msgid "" #| "This manual page describes the configuration of the AD provider for " @@ -2455,40 +2482,40 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 #, fuzzy #| msgid "These options can be used to configure any service." msgid "These options can be used to configure session recording." msgstr "Цими параметрами можна скористатися для налаштування будь-яких служб." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 #, fuzzy #| msgid "user (string)" msgid "scope (string)" msgstr "user (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 #, fuzzy #| msgid "none" msgid "\"none\"" msgstr "none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 #, fuzzy #| msgid "Show user overrides." msgid "No users are recorded." msgstr "Показати перевизначення користувача." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 #, fuzzy #| msgid "" #| "Append this user to groups specified by the <replaceable>GROUPS</" @@ -2503,17 +2530,17 @@ msgstr "" "є списком груп, відокремлених комами." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder type=\"variablelist" @@ -2526,21 +2553,21 @@ msgstr "" "\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: none" msgid "Default: \"none\"" msgstr "Типове значення: none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 #, fuzzy #| msgid "user (string)" msgid "users (string)" msgstr "user (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2548,21 +2575,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. Matches no users." msgstr "Типове значення: порожнє, тобто використовується ldap_uri." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 #, fuzzy #| msgid "user (string)" msgid "groups (string)" msgstr "user (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2570,7 +2597,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2578,22 +2605,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "РОЗДІЛИ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "domain_type (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2606,7 +2633,7 @@ msgstr "" "з доменів POSIX." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." @@ -2615,7 +2642,7 @@ msgstr "" "<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2627,7 +2654,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) і відповідача PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." @@ -2636,7 +2663,7 @@ msgstr "" "application з <quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." @@ -2645,17 +2672,17 @@ msgstr "" "ласка, ознайомтеся із розділом <quote>Домени програм</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "Типове значення: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2664,7 +2691,7 @@ msgstr "" "відповідає цим обмеженням, його буде проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2677,7 +2704,7 @@ msgstr "" "основної групи і належать діапазону, буде виведено у звичайному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2686,41 +2713,57 @@ msgstr "" "лише повернення записів за назвою або ідентифікатором." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "enumerate (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" -"Визначає, чи можна нумерувати домен. Цей параметр може мати одне з таких " -"значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = користувачі і групи нумеруються" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = не використовувати нумерацію для цього домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "Типове значення: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 +#, fuzzy +#| msgid "" +#| "Note: Enabling enumeration has a moderate performance impact on SSSD " +#| "while enumeration is running. It may take up to several minutes after " +#| "SSSD startup to fully complete enumerations. During this time, " +#| "individual requests for information will go directly to LDAP, though it " +#| "may be slow, due to the heavy enumeration processing. Saving a large " +#| "number of entries to cache after the enumeration completes might also be " +#| "CPU intensive as the memberships have to be recomputed." msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2728,7 +2771,9 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" "Зауваження: вмикання нумерації помірно знизить швидкодію SSSD на час " "виконання нумерації. Нумерація може тривати до декількох хвилин після " @@ -2739,7 +2784,7 @@ msgstr "" "повторне визначення параметрів участі також іноді є складним завданням." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2749,7 +2794,7 @@ msgstr "" "завершено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2763,7 +2808,7 @@ msgstr "" "відповідного використаного засобу обробки ідентифікаторів (id_provider)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2772,32 +2817,32 @@ msgstr "" "об’ємних середовищах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "Усі виявлені надійні домени буде пронумеровано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "Нумерація виявлених надійних доменів не виконуватиметься" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2810,12 +2855,12 @@ msgstr "" "доменів, для яких буде увімкнено нумерацію." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2824,7 +2869,7 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2841,17 +2886,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "Типове значення: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2860,19 +2905,19 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "Типове значення: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2881,12 +2926,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2895,12 +2940,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2909,12 +2954,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -2923,12 +2968,12 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -2937,12 +2982,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -2952,12 +2997,12 @@ msgstr "" "вузла у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -2967,7 +3012,7 @@ msgstr "" "вичерпано або майже вичерпано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" @@ -2975,42 +3020,42 @@ msgstr "" "груп та мережевих груп у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Варто визначити для цього параметра значення 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Типове значення: 0 (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "cache_credentials (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Визначає, чи слід також кешувати реєстраційні дані користувача у локальному " "кеші LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Реєстраційні дані користувача зберігаються у форматі хешу SHA512, а не у " "форматі звичайного тексту" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "cache_credentials_minimal_first_factor_length (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3022,7 +3067,7 @@ msgstr "" "контрольної суми SHA512 у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." @@ -3032,17 +3077,17 @@ msgstr "" "мішенню атак із перебиранням паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "Типове значення: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3055,17 +3100,17 @@ msgstr "" "offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3078,17 +3123,17 @@ msgstr "" "даних розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Типове значення: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "id_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3096,17 +3141,17 @@ msgstr "" "Серед підтримуваних засобів такі:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "«proxy»: підтримка застарілого модуля надання даних NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: вбудований засіб SSSD для локальних користувачів" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3117,8 +3162,8 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3131,8 +3176,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3144,12 +3189,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3159,7 +3204,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3172,7 +3217,7 @@ msgstr "" "не покаже користувача, а <command>getent passwd test@LOCAL</command> покаже." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3183,22 +3228,22 @@ msgstr "" "груп, якщо задано неповну назву, буде виконано пошук у всіх доменах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "Типове значення: FALSE (TRUE, якщо використано default_domain_suffix)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "Не повертати записи учасників груп для пошуків груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3217,7 +3262,7 @@ msgstr "" "$groupname</quote> поверне запитану групу так, наче вона була порожня." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3228,12 +3273,12 @@ msgstr "" "учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "auth_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3242,7 +3287,7 @@ msgstr "" "служб розпізнавання:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3254,7 +3299,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3266,18 +3311,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> — вимкнути розпізнавання повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3286,12 +3331,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "access_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3302,7 +3347,7 @@ msgstr "" "Вбудованими програмами є:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3311,12 +3356,12 @@ msgstr "" "доступу для локального домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> — завжди забороняти доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3329,7 +3374,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3341,24 +3386,24 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" "<quote>proxy</quote> — для трансляції керування доступом до іншого модуля " "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "Типове значення: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "chpass_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3367,7 +3412,7 @@ msgstr "" "підтримку таких систем зміни паролів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3379,7 +3424,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3391,18 +3436,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3411,19 +3456,19 @@ msgstr "" "цього параметра і якщо система здатна обробляти запити щодо паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "sudo_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Служба SUDO, яку використано для цього домену. Серед підтримуваних служб " "SUDO:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3435,7 +3480,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3444,7 +3489,7 @@ msgstr "" "параметрами IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3453,20 +3498,20 @@ msgstr "" "параметрами AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> явним чином вимикає SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Типове значення: використовується значення <quote>id_provider</quote>, якщо " "його встановлено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3484,13 +3529,22 @@ msgstr "" "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "selinux_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3501,7 +3555,7 @@ msgstr "" "доступу. Передбачено підтримку таких засобів надання даних SELinux:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3513,14 +3567,14 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> явним чином забороняє отримання даних щодо параметрів " "SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3529,12 +3583,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо завантаження SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "subdomains_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3544,7 +3598,7 @@ msgstr "" "підтримку таких засобів надання даних піддоменів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3556,7 +3610,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3569,19 +3623,19 @@ msgstr "" "налаштовування засобу надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> забороняє ячним чином отримання даних піддоменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 #, fuzzy #| msgid "selinux_provider (string)" msgid "session_provider (string)" msgstr "selinux_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3589,18 +3643,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 #, fuzzy #| msgid "" #| "Default: <quote>id_provider</quote> is used if it is set and can handle " @@ -3612,13 +3666,20 @@ msgstr "" "Типове значення: буде використано <quote>id_provider</quote>, якщо цей " "спосіб встановлено і можлива обробка запитів щодо завантаження SELinux." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "autofs_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3626,7 +3687,7 @@ msgstr "" "autofs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3638,7 +3699,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3650,7 +3711,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3662,17 +3723,17 @@ msgstr "" "надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> вимикає autofs повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "hostid_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3681,7 +3742,7 @@ msgstr "" "вузла. Серед підтримуваних засобів надання hostid:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3693,12 +3754,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> вимикає hostid повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3712,7 +3773,7 @@ msgstr "" "IPA та доменів Active Directory, простій назві (NetBIOS) домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3725,22 +3786,22 @@ msgstr "" "різні стилі запису імен користувачів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "користувач@назва.домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "домен\\користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3749,7 +3810,7 @@ msgstr "" "того, щоб полегшити інтеграцію користувачів з доменів Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3760,7 +3821,7 @@ msgstr "" "домену — все після цього символу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3772,7 +3833,7 @@ msgstr "" "платформах з версією libpcre 7." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -3782,17 +3843,17 @@ msgstr "" "підшаблонів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Типове значення: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "lookup_family_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3801,48 +3862,48 @@ msgstr "" "під час виконання пошуків у DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "Передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі " "спробувати формат IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі " "спробувати формат IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "Типове значення: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 #, fuzzy #| msgid "" #| "Defines the amount of time (in seconds) to wait for a reply from the DNS " @@ -3859,25 +3920,25 @@ msgstr "" "очікування буде перевищено, домен продовжуватиме роботу у автономному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Типове значення: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3886,54 +3947,54 @@ msgstr "" "частину запиту визначення служб DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Типова поведінка: використовувати назву домену з назви вузла комп’ютера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "override_gid (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "Замірити значення основного GID на вказане." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "case_sensitive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" "Враховується регістр. Це значення є некоректним для засобу надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "Без врахування регістру." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3945,7 +4006,7 @@ msgstr "" "буде переведено у нижній регістр." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3956,17 +4017,17 @@ msgstr "" "значення параметра: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "Типове значення: True (False для засобу надання даних AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3978,27 +4039,27 @@ msgstr "" "параметрів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" @@ -4007,7 +4068,7 @@ msgstr "" "ldap_krb5_keytab не встановлено явним чином)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4017,33 +4078,33 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" "Зауваження: цей параметр працює лише для засобів надання даних IPA і AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "спрощена (NetBIOS) назва піддомену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4058,7 +4119,7 @@ msgstr "" "emphasis>. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -4066,17 +4127,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Типове значення: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "realmd_tags (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -4084,12 +4145,12 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "cached_auth_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4100,12 +4161,12 @@ msgstr "" "реєстраційних даних, доки SSSD перебуває у режимі «у мережі»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "Спеціальне значення 0 означає, що цю можливість вимкнено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4115,8 +4176,46 @@ msgstr "" "значення за <quote>pam_id_timeout</quote>, модуль може бути викликано для " "обробки <quote>initgroups</quote>." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +#, fuzzy +#| msgid "ldap_user_primary_group (string)" +msgid "auto_private_groups (string)" +msgstr "ldap_user_primary_group (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4127,17 +4226,17 @@ msgstr "" "quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "Комп’ютер, для якого виконує проксі-сервер PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4146,12 +4245,12 @@ msgstr "" "налаштуваннями pam або створити нові і тут додати назву служби." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4162,12 +4261,12 @@ msgstr "" "наприклад _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4182,12 +4281,12 @@ msgstr "" "у кеші, щоб пришвидшити надання результатів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "proxy_max_children (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4199,7 +4298,7 @@ msgstr "" "використання черги запитів." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4208,12 +4307,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "Домени програм (application)" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4241,7 +4340,7 @@ msgstr "" "який може успадковувати параметр з традиційного домену SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4252,17 +4351,17 @@ msgstr "" "його доменом-близнюком у POSIX має бути встановлено належним чином." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "Параметри доменів програм" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "inherit_from (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4274,7 +4373,7 @@ msgstr "" "розширюють або перевизначають параметри домену-<quote>близнюка</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 #, fuzzy #| msgid "" #| "The following example illustrates the use of an application domain. In " @@ -4297,7 +4396,7 @@ msgstr "" "у кеші і робить атрибут phone доступним через інтерфейс D-Bus." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -4331,12 +4430,12 @@ msgstr "" "ldap_user_extra_attrs = phone:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "Розділ локального домену" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4347,29 +4446,29 @@ msgstr "" "використовує <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "default_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "Типова оболонка для записів користувачів, створених за допомогою " "інструментів простору користувачів SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "Типове значення: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "base_directory (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4378,17 +4477,17 @@ msgstr "" "replaceable> і використовують отриману адресу як адресу домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "Типове значення: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "create_homedir (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4397,17 +4496,17 @@ msgstr "" "Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "Типове значення: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "remove_homedir (булівське значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4416,12 +4515,12 @@ msgstr "" "користувачів. Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "homedir_umask (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4432,17 +4531,17 @@ msgstr "" "до щойно створеного домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "Типове значення: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "skel_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4455,17 +4554,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "Типове значення: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "mail_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4476,17 +4575,17 @@ msgstr "" "каталог не вказано, буде використано типове значення." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "Типове значення: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "userdel_cmd (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4497,17 +4596,17 @@ msgstr "" "вилучається. Код виконання, повернутий програмою не обробляється." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "Типове значення: None, не виконувати жодних команд" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "РОЗДІЛ ДОВІРЕНИХ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 #, fuzzy #| msgid "" #| "Some options used in the domain section can also be used in the trusted " @@ -4531,52 +4630,52 @@ msgstr "" "параметри:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." @@ -4585,12 +4684,12 @@ msgstr "" "підручника." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "ПРИКЛАДИ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -4644,7 +4743,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 #, fuzzy #| msgid "" #| "The following example shows a typical SSSD config. It does not describe " @@ -4662,7 +4761,7 @@ msgstr "" "щодо налаштовування доменів. <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4670,7 +4769,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4733,7 +4832,7 @@ msgstr "" "більше про використання LDAP, як засобу керування доступом." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -4854,7 +4953,7 @@ msgstr "" "специфікації http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Приклади:" @@ -5083,7 +5182,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "Атрибут LDAP, що відповідає ідентифікатору основної групи користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "Типове значення: gidNumber" @@ -5166,7 +5265,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта користувача LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -5189,7 +5288,7 @@ msgstr "" "потрібен лише для серверів ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" "Типове значення: objectSid для ActiveDirectory, не встановлено для інших " @@ -5201,7 +5300,7 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -5210,7 +5309,7 @@ msgstr "" "об’єкта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "Типове значення: modifyTimestamp" @@ -5599,7 +5698,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "Атрибут LDAP, який містить відкриті ключі SSH користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "Типове значення: sshPublicKey" @@ -5677,8 +5776,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "Атрибут LDAP, що відповідає повному імені користувача." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Типове значення: cn" @@ -5693,7 +5792,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "Атрибут LDAP зі списком груп, у яких бере участь користувач." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "Типове значення: memberOf" @@ -5868,81 +5967,91 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "Типове значення: mail" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "Клас об’єктів запису групи у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "Типове значення: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "ldap_group_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "Атрибут LDAP, що відповідає назві групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "Типове значення: cn (rfc2307, rfc2307bis і IPA), sAMAccountName (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "Атрибут LDAP, що відповідає ідентифікатору групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "ldap_group_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "Атрибут LDAP, у якому містяться імена учасників групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Типове значення: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта групи LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -5951,17 +6060,17 @@ msgstr "" "лише для серверів ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." @@ -5970,7 +6079,7 @@ msgstr "" "можливо, інші прапорці." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5981,19 +6090,19 @@ msgstr "" "відфільтровано у списку надійних (довірених) доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" "Типове значення: groupType у засобі надання даних AD, у інших засобах не " "встановлено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "ldap_group_external_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." @@ -6003,19 +6112,19 @@ msgstr "" "записів учасників IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" "Типове значення: ipaExternalMember у засобі надання даних IPA, у інших " "засобах не визначено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6027,7 +6136,7 @@ msgstr "" "параметра буде проігноровано, якщо використано схему RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6043,7 +6152,7 @@ msgstr "" "початкового пошуку, якщо запити щодо пошуку надходять повторно." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6059,17 +6168,17 @@ msgstr "" "обмеження вкладеності у групах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "Типове значення: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -6081,7 +6190,7 @@ msgstr "" "високим рівнем вкладеності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." @@ -6090,7 +6199,7 @@ msgstr "" "можна буде спостерігати лише у дуже складних випадках вкладеності груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -6101,7 +6210,7 @@ msgstr "" "можливості. Отже, насправді значення «True» означає «визначити автоматично»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -6114,12 +6223,12 @@ msgstr "" "windows/desktop/aa746475%28v=vs.85%29.aspx\">документації MSDN(TM)</ulink>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -6132,7 +6241,7 @@ msgstr "" "вкладеності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -6142,115 +6251,251 @@ msgstr "" "Directory Server 2008 та новіших версій." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "Типове значення: True для AD і IPA, інакше False." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "Клас об’єктів запису мережевої групи (netgroup) у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_object_class." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "Типове значення: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "Атрибут LDAP, що відповідає назві мережевої групи (netgroup)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_name." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" "Атрибут LDAP, у якому містяться імена учасників мережевої групи (netgroup)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_member." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "Типове значення: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "Атрибут LDAP, що містить трійки мережевої групи (вузол, користувач, домен)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "Цим параметром не можна скористатися у надавачі даних IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "Типове значення: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" -msgstr "ldap_service_object_class (рядок)" +#: sssd-ldap.5.xml:1216 +#, fuzzy +#| msgid "ldap_user_object_class (string)" +msgid "ldap_host_object_class (string)" +msgstr "ldap_user_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." -msgstr "Клас об’єктів запису служби у LDAP." +#: sssd-ldap.5.xml:1219 +#, fuzzy +#| msgid "The object class of a user entry in LDAP." +msgid "The object class of a host entry in LDAP." +msgstr "Клас об’єктів запису користувача у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "Типове значення: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +#, fuzzy +#| msgid "ad_hostname (string)" +msgid "ldap_host_name (string)" +msgstr "ad_hostname (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the group name." +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "Атрибут LDAP, що відповідає назві групи." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +#, fuzzy +#| msgid "ldap_pwdlockout_dn (string)" +msgid "ldap_host_fqdn (string)" +msgstr "ldap_pwdlockout_dn (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +#, fuzzy +#| msgid "The LDAP attribute that corresponds to the user's full name." +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "Атрибут LDAP, що відповідає повному імені користувача." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: deny" +msgid "Default: fqdn" +msgstr "Типове значення: deny" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +#, fuzzy +#| msgid "ldap_dns_service_name (string)" +msgid "ldap_host_serverhostname (string)" +msgstr "ldap_dns_service_name (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +#, fuzzy +#| msgid "Default: sudoHost" +msgid "Default: serverHostname" +msgstr "Типове значення: sudoHost" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +#, fuzzy +#| msgid "ldap_user_member_of (string)" +msgid "ldap_host_member_of (string)" +msgstr "ldap_user_member_of (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +#, fuzzy +#| msgid "The LDAP attribute that lists the user's group memberships." +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "Атрибут LDAP зі списком груп, у яких бере участь користувач." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +#, fuzzy +#| msgid "ipa_host_search_base (string)" +msgid "ldap_host_search_base (string)" +msgstr "ipa_host_search_base (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" +"Необов’язковий. Використати вказаний рядок як основу пошуку об’єктів вузлів." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" +"Ознайомтеся з розділом щодо «ldap_search_base», щоб дізнатися більше про " +"налаштування декількох основ пошуку." + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "Типове значення: значення <emphasis>ldap_search_base</emphasis>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +#, fuzzy +#| msgid "ldap_user_ssh_public_key (string)" +msgid "ldap_host_ssh_public_key (string)" +msgstr "ldap_user_ssh_public_key (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +#, fuzzy +#| msgid "The LDAP attribute that contains the user's SSH public keys." +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "Атрибут LDAP, який містить відкриті ключі SSH користувача." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +#, fuzzy +#| msgid "ldap_user_uuid (string)" +msgid "ldap_host_uuid (string)" +msgstr "ldap_user_uuid (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта користувача LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "ldap_service_object_class (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "Клас об’єктів запису служби у LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "ldap_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -6258,48 +6503,48 @@ msgstr "" "Атрибут LDAP, що містить назву атрибутів служби та замінників цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "ldap_service_port (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "Атрибут LDAP, що містить номер порту, яким керує ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "Типове значення: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "Атрибут LDAP, що містить протоколи, за яким може працювати ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "Типове значення: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6310,7 +6555,7 @@ msgstr "" "автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6321,12 +6566,12 @@ msgstr "" "окремих типів пошуків." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6337,12 +6582,12 @@ msgstr "" "кешованих даних (і переходом до автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6359,12 +6604,12 @@ msgstr "" "citerefentry> повертається до стану бездіяльності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6378,12 +6623,12 @@ msgstr "" "розширеної операції зі зміни пароля та дії StartTLS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6397,17 +6642,17 @@ msgstr "" "дії TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "Типове значення: 900 (15 хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6417,17 +6662,17 @@ msgstr "" "один запит." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "Типове значення: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6438,7 +6683,7 @@ msgstr "" "RootDSE, але цю підтримку не увімкнено або вона не працює належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6448,7 +6693,7 @@ msgstr "" "підтримкою не можна скористатися." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6459,17 +6704,17 @@ msgstr "" "це може призвести до відмови у виконанні запитів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "Вимкнути отримання діапазону Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6485,12 +6730,12 @@ msgstr "" "буде представлено як такі, у яких немає учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6501,19 +6746,19 @@ msgstr "" "параметра визначається OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Типове значення: типове для системи значення (зазвичай, визначається у ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6525,7 +6770,7 @@ msgstr "" "виконуватиметься окремо." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -6533,7 +6778,7 @@ msgstr "" "(розіменуванням), якщо вкажете значення 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6546,7 +6791,7 @@ msgstr "" "OpenLDAP та Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6557,12 +6802,12 @@ msgstr "" "незалежно від використання цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6572,7 +6817,7 @@ msgstr "" "таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6581,7 +6826,7 @@ msgstr "" "жодних сертифікатів сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6593,7 +6838,7 @@ msgstr "" "режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6604,7 +6849,7 @@ msgstr "" "надано помилковий сертифікат, негайно перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6615,22 +6860,22 @@ msgstr "" "перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = те саме, що і <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "Типове значення: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6639,7 +6884,7 @@ msgstr "" "розпізнаються <command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6648,12 +6893,12 @@ msgstr "" "у <filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6666,32 +6911,32 @@ msgstr "" "<command>cacertdir_rehash</command>, якщо ця програма є доступною." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Визначає файл, який містить сертифікат для ключа клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "Визначає файл, у якому міститься ключ клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6703,12 +6948,12 @@ msgstr "" "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6717,12 +6962,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> для захисту каналу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6734,19 +6979,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "У поточній версії у цій можливості передбачено підтримку лише встановлення " "відповідності objectSID у ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "ldap_min_id, ldap_max_id (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6766,18 +7011,18 @@ msgstr "" "ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" "Типове значення: не встановлено (обидва параметри встановлено у значення 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -6786,12 +7031,12 @@ msgstr "" "перевірено і підтримується лише механізм GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -6806,17 +7051,17 @@ msgstr "" "myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "Типове значення: вузол/назва_вузла@ОБЛАСТЬ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6828,17 +7073,17 @@ msgstr "" "проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "Типове значення: значення krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6848,34 +7093,34 @@ msgstr "" "SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "Типове значення: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Визначає таблицю ключів, яку слід використовувати разом з SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Типове значення: системна таблиця ключів, зазвичай <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6886,27 +7131,27 @@ msgstr "" "механізм GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Визначає строк дії (у секундах) TGT, якщо використовується GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "Типове значення: 86400 (24 години)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6925,7 +7170,7 @@ msgstr "" "про виявлення служб можна дізнатися з розділу «ПОШУК СЛУЖБ»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6937,7 +7182,7 @@ msgstr "" "вдасться знайти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6948,29 +7193,29 @@ msgstr "" "варто перейти на використання «krb5_server» у файлах налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Вказати область Kerberos (для розпізнавання за SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6980,12 +7225,12 @@ msgstr "" "версії MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7000,7 +7245,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7011,12 +7256,12 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -7025,7 +7270,7 @@ msgstr "" "використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -7034,7 +7279,7 @@ msgstr "" "разі використання цього варіанта перевірку на боці сервера вимкнено не буде." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -7045,7 +7290,7 @@ msgstr "" "manvolnum></citerefentry> для визначення того, чи чинним є пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7056,7 +7301,7 @@ msgstr "" "скористайтеся chpass_provider=krb5 для оновлення цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -7066,18 +7311,18 @@ msgstr "" "встановленими за допомогою цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Визначає, чи має бути увімкнено автоматичне визначення напрямків пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7086,7 +7331,7 @@ msgstr "" "з версією OpenLDAP 2.4.13 або новішою версією." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -7100,28 +7345,28 @@ msgstr "" "«false» може значно пришвидшити роботу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Визначає назву служби, яку буде використано у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "Типове значення: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7130,17 +7375,17 @@ msgstr "" "уможливлює зміну паролів, у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -7149,12 +7394,12 @@ msgstr "" "щодо кількості днів з часу виконання дії зі зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7183,12 +7428,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "Приклад:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7200,7 +7445,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -7209,7 +7454,7 @@ msgstr "" "employeeType встановлено у значення «admin»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7223,17 +7468,17 @@ msgstr "" "таких прав не було надано, у автономному режимі їх також не буде надано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "Типове значення: порожній рядок" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7242,7 +7487,7 @@ msgstr "" "керування доступом на боці клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7253,12 +7498,12 @@ msgstr "" "з відповідним кодом помилки, навіть якщо вказано правильний пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "Можна використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7267,7 +7512,7 @@ msgstr "" "визначити, чи завершено строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7280,7 +7525,7 @@ msgstr "" "Також буде перевірено, чи не вичерпано строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7291,7 +7536,7 @@ msgstr "" "ldap_ns_account_lock." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7304,7 +7549,7 @@ msgstr "" "атрибутів, надати доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7315,24 +7560,24 @@ msgstr "" "користуватися параметром ldap_account_expire_policy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "ldap_access_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Список відокремлених комами параметрів керування доступом. Можливі значення " "списку:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7347,7 +7592,7 @@ msgstr "" "для працездатності цієї можливості слід встановити «access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" @@ -7357,7 +7602,7 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7380,13 +7625,13 @@ msgstr "" "параметра слід встановити значення «access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" "<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7401,7 +7646,7 @@ msgstr "" "наприклад на ключах SSH." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7416,7 +7661,7 @@ msgstr "" "негайно змінити пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" @@ -7424,7 +7669,7 @@ msgstr "" "від SSSD не надходитиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." @@ -7434,7 +7679,7 @@ msgstr "" "параметра «ldap_pwd_policy» відповідні правила поводження із паролями." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7443,14 +7688,14 @@ msgstr "" "можливості доступу атрибут authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: за допомогою цього атрибута вузла можна визначити " "права доступу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 #, fuzzy #| msgid "" #| "<emphasis>host</emphasis>: use the host attribute to determine access" @@ -7462,19 +7707,19 @@ msgstr "" "права доступу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "Типове значення: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7483,12 +7728,12 @@ msgstr "" "використано декілька разів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7502,22 +7747,22 @@ msgstr "" "можна буде перевірити належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Приклад: cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Типове значення: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "ldap_deref (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7526,13 +7771,13 @@ msgstr "" "пошуку. Можливі такі варіанти:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: ніколи не виконувати розіменування псевдонімів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7542,7 +7787,7 @@ msgstr "" "пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7551,7 +7796,7 @@ msgstr "" "під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7560,7 +7805,7 @@ msgstr "" "час пошуку, так і під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7569,12 +7814,12 @@ msgstr "" "сценарієм <emphasis>never</emphasis>)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7583,7 +7828,7 @@ msgstr "" "серверів, у яких використовується схема RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7601,7 +7846,7 @@ msgstr "" "користувачів за допомогою виклику getpw*() або initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7613,14 +7858,14 @@ msgstr "" "групами LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 #, fuzzy #| msgid "wildcart_limit (integer)" msgid "wildcard_limit (integer)" msgstr "wildcart_limit (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." @@ -7629,14 +7874,14 @@ msgstr "" "пошуку з використанням символів-замінників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" "У поточній версії пошук із використанням символів-замінників передбачено " "лише для відповідача InfoPipe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "Типове значення: 1000 (часто розмір однієї сторінки)" @@ -7656,12 +7901,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "ПАРАМЕТРИ SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7672,52 +7917,52 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "Клас об’єктів запису правила sudo у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "Типове значення: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "Атрибут LDAP, що відповідає назві правила sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "Атрибут LDAP, що відповідає назві команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "Типове значення: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -7726,17 +7971,17 @@ msgstr "" "вузла, мережевій групі вузла)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "Типове значення: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -7745,32 +7990,32 @@ msgstr "" "або назві мережевої групи користувача)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "Типове значення: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "Атрибут LDAP, що відповідає параметрам sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "Типове значення: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -7779,17 +8024,17 @@ msgstr "" "команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "Типове значення: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7798,17 +8043,17 @@ msgstr "" "виконувати команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "Типове значення: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -7816,49 +8061,49 @@ msgstr "" "Атрибут LDAP, що відповідає даті і часу набуття чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "Типове значення: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "Атрибут LDAP, що відповідає даті і часу втрати чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "Типове значення: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "Атрибут LDAP, що відповідає порядковому номеру правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "Типове значення: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7868,7 +8113,7 @@ msgstr "" "набір правил, що зберігаються на сервері." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7877,17 +8122,17 @@ msgstr "" "<emphasis>ldap_sudo_smart_refresh_interval </emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "Типове значення: 21600 (6 годин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -7898,7 +8143,7 @@ msgstr "" "правил, USN яких перевищує найбільше значення USN у кешованих правилах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7907,12 +8152,12 @@ msgstr "" "дані атрибута modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7922,12 +8167,12 @@ msgstr "" "назв вузлів)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7936,7 +8181,7 @@ msgstr "" "фільтрування списку правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7945,8 +8190,8 @@ msgstr "" "назву вузла та повну назву комп’ютера у домені у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7955,17 +8200,17 @@ msgstr "" "<emphasis>false</emphasis>, цей параметр ні на що не впливатиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "Типове значення: не вказано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7974,7 +8219,7 @@ msgstr "" "правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7983,12 +8228,12 @@ msgstr "" "адресу у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7997,12 +8242,12 @@ msgstr "" "мережеву групу (netgroup) у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -8011,7 +8256,7 @@ msgstr "" "заміни у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -8024,12 +8269,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "ПАРАМЕТРИ AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." @@ -8038,49 +8283,49 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "Назва основної карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "Типове значення: auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "Клас об’єктів запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" "Типове значення: nisMap (rfc2307, autofs_provider=ad), у інших випадках " "automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "Назва запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" @@ -8088,12 +8333,12 @@ msgstr "" "automountMapName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." @@ -8102,19 +8347,19 @@ msgstr "" "точні монтування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" "Типове значення: nisObject (rfc2307, autofs_provider=ad), у інших випадках " "automount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -8123,19 +8368,19 @@ msgstr "" "точні монтування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" "Типове значення: cn (rfc2307, autofs_provider=ad), у інших випадках " "automountKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" @@ -8144,7 +8389,7 @@ msgstr "" "automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -8157,32 +8402,32 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "ДОДАТКОВІ ПАРАМЕТРИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 #, fuzzy #| msgid "" #| "If the option <quote>ldap_use_tokengroups</quote> is enabled. The " @@ -8201,22 +8446,22 @@ msgstr "" "груп показуються неправильно." #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -8229,14 +8474,14 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "ПРИКЛАД" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -8247,7 +8492,7 @@ msgstr "" "<replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8267,20 +8512,20 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "ПРИКЛАД ФІЛЬТРА ДОСТУПУ LDAP" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." @@ -8289,7 +8534,7 @@ msgstr "" "чином і використано ldap_access_order=lockout." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8315,13 +8560,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЗАУВАЖЕННЯ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8858,7 +9103,7 @@ msgstr "" "обробляються." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -9926,9 +10171,13 @@ msgstr "{subject_registered_id}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:577 +#, fuzzy +#| msgid "" +#| "This template will add the OID which is stored in the registeredID " +#| "component of the SAN as as dotted-decimal string." msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" "Цей шаблон додає OID, який зберігається у компоненті registeredID SAN у " "форматі точково-десяткового рядка." @@ -10064,6 +10313,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." @@ -10074,12 +10331,12 @@ msgstr "" "інструмент надання даних ідентифікаторів IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "ipa_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." @@ -10088,12 +10345,12 @@ msgstr "" "використано назву домену з налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "ipa_server, ipa_backup_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -10109,12 +10366,12 @@ msgstr "" "СЛУЖБ»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "ipa_hostname (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 #, fuzzy #| msgid "" #| "Optional. May be set on machines where the hostname(5) does not reflect " @@ -10129,12 +10386,12 @@ msgstr "" "цього вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "dyndns_update (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -10149,7 +10406,7 @@ msgstr "" "допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -10159,7 +10416,7 @@ msgstr "" "у /etc/krb5.conf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -10170,12 +10427,12 @@ msgstr "" "назву, <emphasis>dyndns_update</emphasis>, у файлі налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -10186,7 +10443,7 @@ msgstr "" "Перевизначає TTL на боці сервера, якщо встановлено адміністратором." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -10197,17 +10454,17 @@ msgstr "" "назву, <emphasis>dyndns_ttl</emphasis>, у файлі налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "Типове значення: 1200 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "dyndns_iface (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -10220,7 +10477,7 @@ msgstr "" "quote> означає, що слід використовувати IP-адреси з усіх інтерфейсів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -10231,7 +10488,7 @@ msgstr "" "назву, <emphasis>dyndns_iface</emphasis>, у файлі налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" @@ -10240,17 +10497,17 @@ msgstr "" "для з’єднання LDAP IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "Приклад: dyndns_iface = em1, vnet1, vnet2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "dyndns_auth (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -10261,22 +10518,22 @@ msgstr "" "можна надсилати встановленням для цього параметра значення «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "Типове значення: GSS-TSIG" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "Вмикає сайти DNS — визначення служб на основі адрес." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -10296,12 +10553,12 @@ msgstr "" "вважатимуться резервними серверами." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10313,12 +10570,12 @@ msgstr "" "є обов’язкоми, його застосовують, лише якщо dyndns_update має значення true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10327,7 +10584,7 @@ msgstr "" "DNS клієнта. Застосовується, лише якщо значенням dyndns_update буде true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." @@ -10337,17 +10594,17 @@ msgstr "" "переспрямовування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "Типове значення: False (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -10356,17 +10613,17 @@ msgstr "" "даними з сервером DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Типове значення: False (надати змогу nsupdate вибирати протокол)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "dyndns_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." @@ -10376,7 +10633,7 @@ msgstr "" "параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." @@ -10385,7 +10642,7 @@ msgstr "" "DNS відрізняється від сервера профілів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." @@ -10395,19 +10652,19 @@ msgstr "" "невдало." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "Типове значення: немає (надати nsupdate змогу вибирати сервер)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 #, fuzzy #| msgid "ipa_views_search_base (string)" msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_views_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 #, fuzzy #| msgid "" #| "Optional. Use the given string as search base for HBAC related objects." @@ -10419,114 +10676,98 @@ msgstr "" "HBAC об’єктів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "Типове значення: використання базової назви домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку пов’язаних з " "HBAC об’єктів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" -"Необов’язковий. Використати вказаний рядок як основу пошуку об’єктів вузлів." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" -"Ознайомтеся з розділом щодо «ldap_search_base», щоб дізнатися більше про " -"налаштування декількох основ пошуку." - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "Типове значення: значення <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку карт " "користувачів SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку надійних доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Типове значення: значення <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку основного " "об’єкта домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" "Типове значення: значення виразу <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "ipa_views_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку контейнерів " "перегляду." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" "Типове значення: значення <emphasis>cn=views,cn=accounts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -10535,7 +10776,7 @@ msgstr "" "«ipa_domain»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -10544,12 +10785,12 @@ msgstr "" "перетворено у основний DN для виконання дій LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." @@ -10558,7 +10799,7 @@ msgstr "" "налаштувань Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." @@ -10567,7 +10808,7 @@ msgstr "" "значення «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -10575,14 +10816,14 @@ msgstr "" "SSSD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 #, fuzzy #| msgid "ipa_hbac_refresh (integer)" msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_hbac_refresh (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " @@ -10598,19 +10839,19 @@ msgstr "" "короткого періоду часу надходить багато запитів щодо керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "Типове значення: 5 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 #, fuzzy #| msgid "ldap_sudo_full_refresh_interval (integer)" msgid "ipa_deskprofile_request_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " @@ -10625,19 +10866,19 @@ msgstr "" "короткого періоду часу надходить багато запитів щодо керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 #, fuzzy #| msgid "Default: 900 (15 minutes)" msgid "Default: 60 (minutes)" msgstr "Типове значення: 900 (15 хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10648,12 +10889,12 @@ msgstr "" "короткого періоду часу надходить багато запитів щодо керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10665,12 +10906,12 @@ msgstr "" "користувача до системи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." @@ -10679,7 +10920,7 @@ msgstr "" "автоматично, він визначає, чи запущено SSSD на сервері IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." @@ -10687,74 +10928,96 @@ msgstr "" "На сервері IPA SSSD шукатиме записи користувачів і груп із довірених доменів " "безпосередньо, хоча на клієнті SSSD надсилатиме запит на сервер IPA." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" "Адреса автоматичного монтування, яку буде використовувати цей клієнт IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "Типове значення: адреса з назвою \"default\"" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "ПЕРЕГЛЯДИ і ПЕРЕВИЗНАЧЕННЯ" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "ipa_view_class (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "Клас об’єктів для контейнерів перегляду." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "Типове значення: nsContainer" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "ipa_view_name (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "Назва атрибута, у якому зберігається назва перегляду." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "ipa_override_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "Клас об’єктів для об’єктів перевизначення" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "Типове значення: ipaOverrideAnchor" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "ipa_anchor_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." @@ -10763,17 +11026,17 @@ msgstr "" "віддаленому домені." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "Типове значення: ipaAnchorUUID" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "ipa_user_override_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." @@ -10783,57 +11046,57 @@ msgstr "" "або групою." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "Перевизначення користувачів можуть містити атрибути, задані" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "ldap_user_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "ldap_user_uid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "ldap_user_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "ldap_user_gecos" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "ldap_user_home_directory" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "ldap_user_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "ldap_user_ssh_public_key" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "Типове значення: ipaUserOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "ipa_group_override_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." @@ -10842,27 +11105,27 @@ msgstr "" "того, чи знайдений об’єкт перевизначення пов’язано з користувачем або групою." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "Перевизначення груп можуть містити атрибути, задані" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "ldap_group_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "ldap_group_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "Типове значення: ipaGroupOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10877,12 +11140,12 @@ msgstr "" "значеннями. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "СЛУЖБА ПІДДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." @@ -10891,7 +11154,7 @@ msgstr "" "спосіб його налаштовано: явний чи неявний." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10903,7 +11166,7 @@ msgstr "" "якщо це потрібно." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10923,7 +11186,7 @@ msgstr "" "даних піддоменів буде знову увімкнено." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10935,7 +11198,7 @@ msgstr "" "ipa." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -10976,12 +11239,19 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:36 +#, fuzzy +#| msgid "" +#| "The AD provider is a back end used to connect to an Active Directory " +#| "server. This provider requires that the machine be joined to the AD " +#| "domain and a keytab is available. Back end communication occurs over a " +#| "GSSAPI-encrypted channel, SSL/TLS options should not be used with the AD " +#| "provider and will be superceded by Kerberos usage." msgid "" "The AD provider is a back end used to connect to an Active Directory server. " "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" "Засіб надання даних AD є модулем, який використовується для встановлення " "з'єднання із сервером Active Directory. Для роботи цього засобу надання " @@ -11059,8 +11329,16 @@ msgstr "" "паролів запуску від імені користувача (sudo) та використання autofs. У " "налаштовуванні керування доступом на боці клієнта немає потреби." +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -11070,16 +11348,31 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 +#, fuzzy +#| msgid "" +#| "By default, the AD provider will map UID and GID values from the " +#| "objectSID parameter in Active Directory. For details on this, see the " +#| "<quote>ID MAPPING</quote> section below. If you want to disable ID " +#| "mapping and instead rely on POSIX attributes defined in Active Directory, " +#| "you should set <placeholder type=\"programlisting\" id=\"0\"/> In order " +#| "to retrieve users and groups using POSIX attributes from trusted domains, " +#| "the AD administrator must make sure that the POSIX attributes are " +#| "replicated to the Global Catalog." msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" "Типово, модуль надання даних AD виконуватиме прив’язку до значень UID та GID " "з параметра objectSID у Active Directory. Докладніший опис наведено у " @@ -11092,7 +11385,7 @@ msgstr "" "загальному каталозі (Global Catalog)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -11103,12 +11396,12 @@ msgstr "" "для забезпечення сумісності з реалізацією Active Directory у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "ad_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." @@ -11117,7 +11410,7 @@ msgstr "" "буде використано назву домену з налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." @@ -11126,7 +11419,7 @@ msgstr "" "малими літерами повної версії назви домену Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." @@ -11135,12 +11428,12 @@ msgstr "" "автоматично визначається засобами SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "ad_enabled_domains (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -11152,7 +11445,7 @@ msgstr "" "домени з лісу AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -11162,7 +11455,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -11173,7 +11466,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." @@ -11182,12 +11475,12 @@ msgstr "" "автоматично визначається засобами SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "ad_server, ad_backup_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -11199,7 +11492,7 @@ msgstr "" "quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." @@ -11209,7 +11502,7 @@ msgstr "" "«ПОШУК СЛУЖБ»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." @@ -11218,12 +11511,12 @@ msgstr "" "якщо основний сервер явним чином визначено у параметрі ad_server." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "ad_hostname (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -11234,7 +11527,7 @@ msgstr "" "розпізнавання цього вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." @@ -11244,12 +11537,12 @@ msgstr "" "вузла, для якого випущено таблицю ключів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -11267,12 +11560,12 @@ msgstr "" "сайтів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "ad_access_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -11285,7 +11578,7 @@ msgstr "" "значення «ad», щоб цей параметр почав діяти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -11298,7 +11591,7 @@ msgstr "" "«FOREST» або ключове слово слід пропустити." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -11311,7 +11604,7 @@ msgstr "" "вказаного значенням «НАЗВА»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." @@ -11320,7 +11613,7 @@ msgstr "" "визначення фільтрів у базах для пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -11342,7 +11635,7 @@ msgstr "" "відповідності у LDAP</ulink>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -11356,7 +11649,7 @@ msgstr "" "специфікацією, використовуватиметься лише перший з них." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -11386,12 +11679,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "ad_site (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." @@ -11400,12 +11693,12 @@ msgstr "" "вказано, виконуватиметься спроба автоматичного визначення сайта AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "ad_enable_gc (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -11419,7 +11712,7 @@ msgstr "" "SSSD встановлюватиме зв’язок лише з портом LDAP поточного сервера AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -11434,12 +11727,12 @@ msgstr "" "групах для різних доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "ad_gpo_access_control (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -11454,7 +11747,7 @@ msgstr "" "«access_provider» значення «ad»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." @@ -11464,7 +11757,15 @@ msgstr "" "користувач увійти до системи певного вузла мережі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -11487,12 +11788,12 @@ msgstr "" "режиму (enforcing)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "У цього параметра є три підтримуваних значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" @@ -11500,14 +11801,14 @@ msgstr "" "використовуються примусово." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" "enforcing: правила керування доступом, засновані на GPO, обробляються і " "використовуються примусово." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -11520,22 +11821,22 @@ msgstr "" "enforcing." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "Типове значення: permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "Типове значення: enforcing" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -11546,12 +11847,12 @@ msgstr "" "короткого періоду часу надходить багато запитів щодо керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -11562,7 +11863,7 @@ msgstr "" "InteractiveLogonRight і DenyInteractiveLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." @@ -11572,7 +11873,7 @@ msgstr "" "вхід» («Deny log on locally»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -11582,7 +11883,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11601,79 +11902,79 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" "Типове значення: типовий набір назв служб PAM складається з таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "gdm-fingerprint" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "lightdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "lxdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "sddm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "unity" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "xdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -11684,7 +11985,7 @@ msgstr "" "DenyRemoteInteractiveLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -11696,7 +11997,7 @@ msgstr "" "служб віддаленої стільниці» («Deny log on through Remote Desktop Services»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -11706,7 +12007,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11725,22 +12026,22 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "sshd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "cockpit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -11751,7 +12052,7 @@ msgstr "" "DenyNetworkLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -11763,7 +12064,7 @@ msgstr "" "мережі» (Deny access to this computer from the network»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -11773,7 +12074,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11792,22 +12093,22 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "ftp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "samba" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -11818,7 +12119,7 @@ msgstr "" "DenyBatchLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." @@ -11828,7 +12129,7 @@ msgstr "" "job») і «Заборонити вхід як пакетне завдання» («Deny log on as a batch job»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -11838,7 +12139,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11857,17 +12158,17 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "crond" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -11878,7 +12179,7 @@ msgstr "" "DenyServiceLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." @@ -11888,7 +12189,7 @@ msgstr "" "«Заборонити вхід як службу» («Deny log on as a service»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -11898,7 +12199,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -11915,12 +12216,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." @@ -11929,7 +12230,7 @@ msgstr "" "основі GPO, незалежно від будь-яких прав входу GPO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -11939,7 +12240,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11958,32 +12259,32 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "polkit-1" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "systemd-user" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." @@ -11992,7 +12293,7 @@ msgstr "" "на основі GPO, незалежно від будь-яких прав входу GPO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -12002,12 +12303,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -12029,57 +12330,57 @@ msgstr "" "забороняла доступ для непов’язаних назв служб PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "Передбачені значення для цього параметра:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "remote_interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "network" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "batch" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "service" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "permit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "deny" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "Типове значення: deny" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "ad_maximum_machine_account_password_age (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -12090,17 +12391,17 @@ msgstr "" "Значення 0 вимкне спроби оновлення." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "Типове значення: 30 днів" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "ad_machine_account_password_renewal_opts (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 #, fuzzy #| msgid "" #| "This option should only be used to test the machine account renewal task. " @@ -12122,12 +12423,12 @@ msgstr "" "— визначає початковий час очікування на перший запуск завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "Типове значення: 86400:750 (24 годин і 15 хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -12144,12 +12445,12 @@ msgstr "" "якщо цю адресу не було змінено за допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "Типове значення: 3600 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" @@ -12158,7 +12459,7 @@ msgstr "" "для з’єднання LDAP AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -12175,12 +12476,12 @@ msgstr "" "значення." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Типове значення: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -12191,7 +12492,7 @@ msgstr "" "У прикладі продемонстровано лише параметри доступу, специфічні для засобу AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -12215,7 +12516,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -12227,7 +12528,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -12239,7 +12540,7 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -12254,7 +12555,7 @@ msgstr "" "шифрування) вручну." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12681,33 +12982,89 @@ msgstr "" "зберігаються у <filename>/var/log/sssd</filename>, передбачено також окремий " "журнал для кожної служби і домену SSSD." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:101 +#, fuzzy +#| msgid "<option>--debug</option> <replaceable>LEVEL</replaceable>" +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "<option>--debug</option> <replaceable>РІВЕНЬ</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" +"<emphasis>1</emphasis>: додати часову позначку до діагностичних повідомлень." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +#, fuzzy +#| msgid "" +#| "Send the debug output to files instead of stderr. By default, the log " +#| "files are stored in <filename>/var/log/sssd</filename> and there are " +#| "separate log files for every SSSD service and domain." +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" +"Надіслати діагностичні дані до файлів, а не до stderr. Типово файли журналів " +"зберігаються у <filename>/var/log/sssd</filename>, передбачено також окремий " +"журнал для кожної служби і домену SSSD." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +#, fuzzy +#| msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" +"<emphasis>1</emphasis>: додати часову позначку до діагностичних повідомлень." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "Перейти у режим фонової служби після запуску." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "Запустити програму у звичайному режимі, не створювати фонової служби." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -12721,27 +13078,27 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "Вивести номер версії і завершити роботу." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "Сигнали" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "SIGTERM/SIGINT" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." @@ -12750,12 +13107,12 @@ msgstr "" "а потім завершити роботу монітора." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "SIGHUP" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -12767,12 +13124,12 @@ msgstr "" "програм, подібних до logrotate." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -12785,12 +13142,12 @@ msgstr "" "безпосередньо." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -12801,7 +13158,7 @@ msgstr "" "sssd, або процесу sssd_be безпосередньо." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -15790,12 +16147,21 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:45 +#, fuzzy +#| msgid "" +#| "The <ulink url=\"https://github.com/latchset/custodia\">custodia</ulink> " +#| "project was born to deal with this problem in cloud like environments, " +#| "but we found the idea compelling even at a single system level. As a " +#| "security service, SSSD is ideal to host this capability while offering " +#| "the same API via a Unix Socket. This will make it possible to use local " +#| "calls and have them transparently routed to a local or a remote key " +#| "management store like IPA Vault for storage, escrow and recovery." msgid "" "The <ulink url=\"https://github.com/latchset/custodia\">custodia</ulink> " "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" @@ -19080,6 +19446,13 @@ msgstr "ldap_group_objectsid = ipaNTSecurityIdentifier" msgid "ldap_group_external_member = ipaExternalMember" msgstr "ldap_group_external_member = ipaExternalMember" +#~ msgid "" +#~ "Determines if a domain can be enumerated. This parameter can have one of " +#~ "the following values:" +#~ msgstr "" +#~ "Визначає, чи можна нумерувати домен. Цей параметр може мати одне з таких " +#~ "значень:" + #~ msgid "Default: no set in the general case, userCertificate;binary for IPA" #~ msgstr "" #~ "Типове значення: не встановлено у загальному випадку, userCertificate;" diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po index da187e42db8..3d0e5857aa3 100644 --- a/src/man/po/zh_CN.po +++ b/src/man/po/zh_CN.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2017-10-20 16:15+0200\n" +"POT-Creation-Date: 2018-03-09 12:30+0100\n" "PO-Revision-Date: 2014-12-15 12:16-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/" @@ -300,9 +300,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 -#: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 -#: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 -#: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 +#: sssd.conf.5.xml:1474 sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1999 sssd-ldap.5.xml:2565 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2648 sssd-ad.5.xml:224 sssd-ad.5.xml:338 sssd-ad.5.xml:882 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -321,16 +321,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 -#: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 -#: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 -#: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:2925 sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1909 +#: sssd-ldap.5.xml:2335 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2373 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -355,8 +355,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 -#: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1359 sssd.conf.5.xml:2941 +#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -371,7 +371,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3030 msgid "Section parameters" msgstr "" @@ -397,7 +397,7 @@ msgstr "服务" msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " -"platforms where systemd is supported, as they will either be socket or dbus " +"platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" @@ -451,7 +451,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2539 msgid "re_expression (string)" msgstr "" @@ -471,12 +471,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2590 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2593 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -484,39 +484,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2604 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2605 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2608 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2611 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2617 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2620 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2601 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -640,12 +640,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 -#: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 -#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 -#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 -#: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1163 sssd-ldap.5.xml:679 +#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:687 sssd-ad.5.xml:762 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 +#: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -832,8 +833,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 -#: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 +#: sssd.conf.5.xml:587 sssd.conf.5.xml:1371 sssd.conf.5.xml:2991 +#: sssd-ad.5.xml:161 sssd-ad.5.xml:299 sssd-ad.5.xml:313 msgid "Default: Not set" msgstr "" @@ -909,7 +910,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 -#: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 +#: sssd.conf.5.xml:1229 sssd-ldap.5.xml:1412 msgid "Default: 60" msgstr "" @@ -964,12 +965,12 @@ msgid "" "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " -"built with systemd support and when services are either socket or dbus " +"built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:981 sssd.conf.5.xml:1566 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "" @@ -1047,7 +1048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:775 sssd.conf.5.xml:1428 msgid "Default: 50" msgstr "" @@ -1065,7 +1066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:789 sssd.conf.5.xml:1452 msgid "Default: 15" msgstr "" @@ -1082,7 +1083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 +#: sssd.conf.5.xml:802 sssd.conf.5.xml:1217 sssd.conf.5.xml:2846 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1152,7 +1153,7 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 +#: sssd.conf.5.xml:856 sssd.conf.5.xml:1296 sssd.conf.5.xml:1315 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1286,12 +1287,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:961 sssd.conf.5.xml:1222 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1306,23 +1307,30 @@ msgstr "" #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " -"valid." +"valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 +msgid "" +"WARNING: Disabling the in-memory cache will have significant negative impact " +"on SSSD's performance and should only be used for testing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:990 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:998 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1001 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1333,96 +1341,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1014 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1012 +#: sssd.conf.5.xml:1019 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1024 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1027 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1025 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1032 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1035 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1036 +#: sssd.conf.5.xml:1043 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1045 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1050 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1053 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 +#: sssd.conf.5.xml:1058 sssd.conf.5.xml:1071 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1064 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1067 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1070 +#: sssd.conf.5.xml:1077 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1080 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1085 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1430,59 +1438,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1091 sssd.conf.5.xml:1189 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1097 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1100 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1098 +#: sssd.conf.5.xml:1105 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1101 +#: sssd.conf.5.xml:1108 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1104 +#: sssd.conf.5.xml:1111 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:1115 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 +#: sssd.conf.5.xml:1118 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 sssd.8.xml:63 +#: sssd.conf.5.xml:1122 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1128 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1131 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1491,61 +1499,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1139 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1146 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1147 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1150 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1151 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1155 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1156 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1144 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1166 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1172 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1175 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1553,7 +1561,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1181 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1562,17 +1570,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1195 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:1198 sssd.conf.5.xml:2028 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1201 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1580,26 +1588,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 +#: sssd.conf.5.xml:1207 sssd.conf.5.xml:2031 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1212 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1234 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1237 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1609,74 +1617,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1240 +#: sssd.conf.5.xml:1247 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1251 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1258 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1261 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1258 +#: sssd.conf.5.xml:1265 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1269 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1273 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 -#: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 +#: sssd.conf.5.xml:1277 sssd.conf.5.xml:1302 sssd.conf.5.xml:1321 +#: sssd.conf.5.xml:1825 sssd.conf.5.xml:2782 sssd-ldap.5.xml:1968 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1282 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1285 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1283 +#: sssd.conf.5.xml:1290 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1298 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1684,19 +1692,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1307 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1310 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1310 +#: sssd.conf.5.xml:1317 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1704,12 +1712,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1326 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1322 +#: sssd.conf.5.xml:1329 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1717,58 +1725,58 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 -#: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 -#: include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:2875 sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:2041 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1340 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1343 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1340 +#: sssd.conf.5.xml:1347 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1352 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1355 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1364 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1367 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1373 +#: sssd.conf.5.xml:1380 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1375 +#: sssd.conf.5.xml:1382 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1779,24 +1787,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1392 +#: sssd.conf.5.xml:1399 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1395 +#: sssd.conf.5.xml:1402 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1407 +#: sssd.conf.5.xml:1414 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1417 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1806,22 +1814,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1436 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1438 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1435 +#: sssd.conf.5.xml:1442 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1438 +#: sssd.conf.5.xml:1445 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1829,68 +1837,68 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1461 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1456 +#: sssd.conf.5.xml:1463 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1467 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1470 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1472 +#: sssd.conf.5.xml:1479 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1475 +#: sssd.conf.5.xml:1482 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1486 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1491 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1494 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1499 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1507 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1509 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1901,7 +1909,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1518 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1912,24 +1920,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1519 +#: sssd.conf.5.xml:1526 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1525 +#: sssd.conf.5.xml:1532 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1536 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1539 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1937,12 +1945,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1545 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1549 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1951,26 +1959,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1558 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1561 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1574 #, fuzzy #| msgid "General service configuration options" msgid "Session recording configuration options" msgstr "基本服务配置选项" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1569 +#: sssd.conf.5.xml:1576 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -1980,70 +1988,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1589 #, fuzzy #| msgid "These options can be used to configure any service." msgid "These options can be used to configure session recording." msgstr "这些选项可被用于配置任何服务。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1600 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1603 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1608 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1611 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1620 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1630 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: 3" msgid "Default: \"none\"" msgstr "默认: 3" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1635 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1638 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2051,17 +2059,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1644 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1649 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1652 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2069,7 +2077,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2077,22 +2085,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1665 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1675 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1682 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1685 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2101,14 +2109,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1693 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1690 +#: sssd.conf.5.xml:1697 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2117,38 +2125,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1705 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1709 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1713 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1719 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 +#: sssd.conf.5.xml:1722 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1727 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2157,46 +2165,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1734 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1738 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1737 +#: sssd.conf.5.xml:1744 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1740 +#: sssd.conf.5.xml:1747 msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" +"Determines if a domain can be enumerated, that is, whether the domain can " +"list all the users and group it contains. Note that it is not required to " +"enable enumeration in order for secondary groups to be displayed. This " +"parameter can have one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1744 +#: sssd.conf.5.xml:1755 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1758 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:1761 sssd.conf.5.xml:1983 sssd.conf.5.xml:2150 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1753 +#: sssd.conf.5.xml:1764 +msgid "" +"Enumerating a domain requires SSSD to download and store ALL user and group " +"entries from the remote server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1769 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2204,18 +2221,20 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " -"memberships have to be recomputed." +"memberships have to be recomputed. This can lead to the <quote>sssd_be</" +"quote> process becoming unresponsive or even restarted by the internal " +"watchdog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1784 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1789 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2224,39 +2243,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1779 +#: sssd.conf.5.xml:1797 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1787 +#: sssd.conf.5.xml:1805 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1812 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1795 +#: sssd.conf.5.xml:1813 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1816 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1817 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1790 +#: sssd.conf.5.xml:1808 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2265,19 +2284,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1813 +#: sssd.conf.5.xml:1831 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1816 +#: sssd.conf.5.xml:1834 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1820 +#: sssd.conf.5.xml:1838 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2288,151 +2307,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1833 +#: sssd.conf.5.xml:1851 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1857 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1860 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 -#: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1864 sssd.conf.5.xml:1877 sssd.conf.5.xml:1890 +#: sssd.conf.5.xml:1903 sssd.conf.5.xml:1916 sssd.conf.5.xml:1930 +#: sssd.conf.5.xml:1944 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1852 +#: sssd.conf.5.xml:1870 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1873 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1883 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1886 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1878 +#: sssd.conf.5.xml:1896 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1899 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1891 +#: sssd.conf.5.xml:1909 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1894 +#: sssd.conf.5.xml:1912 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1922 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1925 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1918 +#: sssd.conf.5.xml:1936 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1921 +#: sssd.conf.5.xml:1939 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 +#: sssd.conf.5.xml:1950 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 +#: sssd.conf.5.xml:1953 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1940 +#: sssd.conf.5.xml:1958 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:1962 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 +#: sssd.conf.5.xml:1966 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1972 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1957 +#: sssd.conf.5.xml:1975 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1961 +#: sssd.conf.5.xml:1979 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1989 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:1992 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2440,24 +2459,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1981 +#: sssd.conf.5.xml:1999 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2004 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2010 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1995 +#: sssd.conf.5.xml:2013 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2466,17 +2485,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2020 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2007 +#: sssd.conf.5.xml:2025 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2036 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2485,33 +2504,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2043 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2049 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2052 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2056 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2059 sssd.conf.5.xml:2196 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2063 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2519,8 +2538,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2176 sssd.conf.5.xml:2231 +#: sssd.conf.5.xml:2294 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2529,8 +2548,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 -#: sssd.conf.5.xml:2285 +#: sssd.conf.5.xml:2080 sssd.conf.5.xml:2185 sssd.conf.5.xml:2240 +#: sssd.conf.5.xml:2303 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2538,19 +2557,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2073 +#: sssd.conf.5.xml:2091 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2076 +#: sssd.conf.5.xml:2094 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2099 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2559,7 +2578,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2089 +#: sssd.conf.5.xml:2107 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2567,22 +2586,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2096 +#: sssd.conf.5.xml:2114 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2120 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2123 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2108 +#: sssd.conf.5.xml:2126 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2594,7 +2613,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2144 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2602,19 +2621,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2137 +#: sssd.conf.5.xml:2155 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2140 +#: sssd.conf.5.xml:2158 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2162 sssd.conf.5.xml:2224 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2622,7 +2641,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2169 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2630,30 +2649,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2175 +#: sssd.conf.5.xml:2193 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2200 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2185 +#: sssd.conf.5.xml:2203 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2191 +#: sssd.conf.5.xml:2209 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2194 +#: sssd.conf.5.xml:2212 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2661,19 +2680,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2218 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2203 +#: sssd.conf.5.xml:2221 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2230 +#: sssd.conf.5.xml:2248 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2682,7 +2701,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2237 +#: sssd.conf.5.xml:2255 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2690,29 +2709,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2244 +#: sssd.conf.5.xml:2262 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2265 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2252 +#: sssd.conf.5.xml:2270 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2273 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2260 +#: sssd.conf.5.xml:2278 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2720,7 +2739,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 +#: sssd.conf.5.xml:2286 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2728,35 +2747,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2293 +#: sssd.conf.5.xml:2311 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2315 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2300 +#: sssd.conf.5.xml:2318 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2307 +#: sssd.conf.5.xml:2325 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2310 +#: sssd.conf.5.xml:2328 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2332 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2764,32 +2783,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2340 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2344 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2348 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2351 sssd.conf.5.xml:2437 sssd.conf.5.xml:2507 +#: sssd.conf.5.xml:2532 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2337 +#: sssd.conf.5.xml:2355 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2799,13 +2818,22 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2370 +msgid "" +"<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " +"background unless the sudo provider is explicitly disabled. Set " +"<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " +"activity in SSSD if you do not want to use sudo with SSSD at all." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2380 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2383 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2813,7 +2841,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2363 +#: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2821,31 +2849,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 +#: sssd.conf.5.xml:2397 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2374 +#: sssd.conf.5.xml:2400 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2406 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2409 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2415 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2853,7 +2881,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2424 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2862,17 +2890,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2433 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2443 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2446 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2880,36 +2908,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2453 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2431 +#: sssd.conf.5.xml:2457 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2435 +#: sssd.conf.5.xml:2461 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2465 +msgid "" +"<emphasis>NOTE:</emphasis> In order to have this feature working as expected " +"SSSD must be running as \"root\" and not as the unprivileged user." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2442 +#: sssd.conf.5.xml:2473 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2445 +#: sssd.conf.5.xml:2476 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2449 +#: sssd.conf.5.xml:2480 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2917,7 +2952,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2487 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2925,7 +2960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2495 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2933,24 +2968,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2504 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2483 +#: sssd.conf.5.xml:2514 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2486 +#: sssd.conf.5.xml:2517 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2490 +#: sssd.conf.5.xml:2521 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2958,12 +2993,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2498 +#: sssd.conf.5.xml:2529 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2542 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2973,7 +3008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 +#: sssd.conf.5.xml:2551 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2982,29 +3017,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2556 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2528 +#: sssd.conf.5.xml:2559 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2562 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2565 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2539 +#: sssd.conf.5.xml:2570 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3012,7 +3047,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2576 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -3020,66 +3055,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2583 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2630 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2605 +#: sssd.conf.5.xml:2636 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2608 +#: sssd.conf.5.xml:2639 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2643 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2646 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2649 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2652 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2655 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2627 +#: sssd.conf.5.xml:2658 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2633 +#: sssd.conf.5.xml:2664 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2636 +#: sssd.conf.5.xml:2667 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3088,77 +3123,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2674 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 -#: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2679 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 +#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2685 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2688 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2692 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2667 +#: sssd.conf.5.xml:2698 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2701 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2707 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2715 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2718 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2724 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2726 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2699 +#: sssd.conf.5.xml:2730 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2733 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3166,7 +3201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2679 +#: sssd.conf.5.xml:2710 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3174,17 +3209,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2745 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2720 +#: sssd.conf.5.xml:2751 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2754 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3192,34 +3227,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2760 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2763 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 +#: sssd.conf.5.xml:2766 sssd-ldap.5.xml:1120 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2769 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2741 +#: sssd.conf.5.xml:2772 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2778 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3227,32 +3262,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2776 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:2785 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2761 +#: sssd.conf.5.xml:2792 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2772 +#: sssd.conf.5.xml:2803 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2804 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2795 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3262,34 +3297,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2809 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2813 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2787 +#: sssd.conf.5.xml:2818 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2790 +#: sssd.conf.5.xml:2821 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2827 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2830 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3297,20 +3332,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:2836 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2840 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2851 +msgid "auto_private_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2854 +msgid "" +"If this option is enabled, SSSD will automatically create user private " +"groups based on user's UID number. The GID number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2859 +msgid "" +"For POSIX subdomains, setting the option in the main domain is inherited in " +"the subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2863 +msgid "" +"For ID-mapping subdomains, auto_private_groups is already enabled for the " +"subdomains and setting it to false will not have any effect for the " +"subdomain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2868 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1677 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3318,29 +3389,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2887 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2890 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2893 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2841 +#: sssd.conf.5.xml:2901 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2844 +#: sssd.conf.5.xml:2904 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3348,12 +3419,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2854 +#: sssd.conf.5.xml:2914 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2857 +#: sssd.conf.5.xml:2917 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3362,12 +3433,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2931 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2874 +#: sssd.conf.5.xml:2934 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3375,19 +3446,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2883 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2890 +#: sssd.conf.5.xml:2950 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2952 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3404,7 +3475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2972 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3412,17 +3483,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:2978 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2980 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2983 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3431,7 +3502,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2937 +#: sssd.conf.5.xml:2997 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3441,7 +3512,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3005 #, no-wrap msgid "" "[sssd]\n" @@ -3461,12 +3532,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2963 +#: sssd.conf.5.xml:3023 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3025 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3474,73 +3545,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3032 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:3035 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3039 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3044 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:3047 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2992 +#: sssd.conf.5.xml:3052 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3057 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3060 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 +#: sssd.conf.5.xml:3064 sssd.conf.5.xml:3076 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3009 +#: sssd.conf.5.xml:3069 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3012 +#: sssd.conf.5.xml:3072 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3081 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3084 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3548,17 +3619,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3032 +#: sssd.conf.5.xml:3092 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3097 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3100 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3567,17 +3638,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3050 +#: sssd.conf.5.xml:3110 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3115 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3118 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3585,17 +3656,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3065 +#: sssd.conf.5.xml:3125 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3130 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3133 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3603,17 +3674,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3079 +#: sssd.conf.5.xml:3139 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3089 +#: sssd.conf.5.xml:3149 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3151 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3624,64 +3695,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3158 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3159 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3100 +#: sssd.conf.5.xml:3160 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3101 +#: sssd.conf.5.xml:3161 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3162 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3163 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3104 +#: sssd.conf.5.xml:3164 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3165 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3166 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3168 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3174 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3120 +#: sssd.conf.5.xml:3180 #, no-wrap msgid "" "[sssd]\n" @@ -3711,7 +3782,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3176 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3720,7 +3791,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3153 +#: sssd.conf.5.xml:3213 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3728,7 +3799,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3207 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3776,7 +3847,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:112 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" @@ -3877,7 +3948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:283 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4078,7 +4149,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 +#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 msgid "Default: gidNumber" msgstr "" @@ -4156,7 +4227,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4175,7 +4246,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" @@ -4185,14 +4256,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 +#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 msgid "Default: modifyTimestamp" msgstr "" @@ -4524,7 +4595,7 @@ msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 +#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 msgid "Default: sshPublicKey" msgstr "" @@ -4587,8 +4658,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 -#: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 +#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2394 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" @@ -4603,7 +4674,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 msgid "Default: memberOf" msgstr "" @@ -4735,105 +4806,115 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 +msgid "" +"Note: If an email address of a user conflicts with an email address or fully " +"qualified name of another user, then SSSD will not be able to serve those " +"users properly. If for some reason several users need to share the same " +"email address then set this option to a nonexistent attribute name in order " +"to disable user lookup/login by email." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:890 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:896 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:899 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:893 +#: sssd-ldap.5.xml:902 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:908 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:911 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 +#: sssd-ldap.5.xml:915 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:913 +#: sssd-ldap.5.xml:922 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:925 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:935 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:938 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:942 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:939 +#: sssd-ldap.5.xml:948 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:951 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:962 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:965 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:968 +#: sssd-ldap.5.xml:977 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:981 +#: sssd-ldap.5.xml:990 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 +#: sssd-ldap.5.xml:993 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:998 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4841,34 +4922,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:995 +#: sssd-ldap.5.xml:1004 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1002 +#: sssd-ldap.5.xml:1011 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#: sssd-ldap.5.xml:1014 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1020 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1027 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1030 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4876,7 +4957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1028 +#: sssd-ldap.5.xml:1037 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4886,7 +4967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1046 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4896,17 +4977,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1055 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1052 +#: sssd-ldap.5.xml:1061 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1064 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4914,14 +4995,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1070 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4929,7 +5010,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 +#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4938,12 +5019,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#: sssd-ldap.5.xml:1093 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#: sssd-ldap.5.xml:1096 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4951,168 +5032,270 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1114 +#: sssd-ldap.5.xml:1123 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1128 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1134 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1137 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1140 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1144 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1150 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1153 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1157 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1158 +#: sssd-ldap.5.xml:1167 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 +#: sssd-ldap.5.xml:1170 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1165 +#: sssd-ldap.5.xml:1174 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1178 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1175 +#: sssd-ldap.5.xml:1184 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1187 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1194 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1200 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1207 -msgid "ldap_service_object_class (string)" +#: sssd-ldap.5.xml:1216 +msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1210 -msgid "The object class of a service entry in LDAP." +#: sssd-ldap.5.xml:1219 +msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1228 +msgid "ldap_host_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +msgid "The LDAP attribute that corresponds to the host's name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1241 +msgid "ldap_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1244 +msgid "" +"The LDAP attribute that corresponds to the host's fully-qualified domain " +"name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1248 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: fqdn" +msgstr "默认: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_host_serverhostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1261 +msgid "Default: serverHostname" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1267 +msgid "ldap_host_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1270 +msgid "The LDAP attribute that lists the host's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1280 +msgid "ldap_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1283 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1299 +msgid "ldap_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1302 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1312 +msgid "ldap_host_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1315 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1325 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1328 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1337 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 +#: sssd-ldap.5.xml:1340 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1232 +#: sssd-ldap.5.xml:1350 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1235 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1357 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1245 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1366 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1370 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1376 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1263 +#: sssd-ldap.5.xml:1381 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5120,7 +5303,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1390 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5128,12 +5311,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1402 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 +#: sssd-ldap.5.xml:1405 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5141,12 +5324,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1300 +#: sssd-ldap.5.xml:1418 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1303 +#: sssd-ldap.5.xml:1421 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5157,12 +5340,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1326 +#: sssd-ldap.5.xml:1444 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1329 +#: sssd-ldap.5.xml:1447 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5171,12 +5354,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1344 +#: sssd-ldap.5.xml:1462 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1465 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5185,34 +5368,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2551 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1361 +#: sssd-ldap.5.xml:1479 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1487 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1493 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1378 +#: sssd-ldap.5.xml:1496 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5220,14 +5403,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1502 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1508 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5235,17 +5418,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1520 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1523 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1526 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5255,12 +5438,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1541 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1426 +#: sssd-ldap.5.xml:1544 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5268,17 +5451,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1550 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1439 +#: sssd-ldap.5.xml:1557 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1442 +#: sssd-ldap.5.xml:1560 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5286,13 +5469,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1566 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1570 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5301,7 +5484,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1460 +#: sssd-ldap.5.xml:1578 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5309,26 +5492,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1591 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1594 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1600 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1604 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5336,7 +5519,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1611 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5344,7 +5527,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 +#: sssd-ldap.5.xml:1617 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5352,41 +5535,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1623 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1627 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1633 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1636 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1530 +#: sssd-ldap.5.xml:1648 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1651 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5395,32 +5578,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1548 +#: sssd-ldap.5.xml:1666 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1669 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1679 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1682 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1691 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1576 +#: sssd-ldap.5.xml:1694 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5428,24 +5611,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1707 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1710 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1720 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1723 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5453,17 +5636,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1729 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1621 +#: sssd-ldap.5.xml:1739 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1624 +#: sssd-ldap.5.xml:1742 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5474,29 +5657,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1754 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1642 +#: sssd-ldap.5.xml:1760 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1763 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1655 +#: sssd-ldap.5.xml:1773 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1776 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5505,17 +5688,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1784 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1790 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1675 +#: sssd-ldap.5.xml:1793 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5523,49 +5706,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1681 +#: sssd-ldap.5.xml:1799 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1687 +#: sssd-ldap.5.xml:1805 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 +#: sssd-ldap.5.xml:1808 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1813 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1819 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1822 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1825 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1831 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1834 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5573,27 +5756,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1728 +#: sssd-ldap.5.xml:1846 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1731 +#: sssd-ldap.5.xml:1849 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 +#: sssd-ldap.5.xml:1853 sssd-ad.5.xml:934 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1859 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1862 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5605,7 +5788,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1874 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5613,7 +5796,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1879 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5621,39 +5804,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1888 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1891 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1894 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1900 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1785 +#: sssd-ldap.5.xml:1903 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1915 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1918 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5663,7 +5846,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5671,26 +5854,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1825 +#: sssd-ldap.5.xml:1943 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1828 +#: sssd-ldap.5.xml:1946 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1951 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1838 +#: sssd-ldap.5.xml:1956 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5698,7 +5881,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1962 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5706,31 +5889,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1971 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1861 +#: sssd-ldap.5.xml:1979 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 +#: sssd-ldap.5.xml:1982 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1868 +#: sssd-ldap.5.xml:1986 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1991 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5739,56 +5922,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1887 +#: sssd-ldap.5.xml:2005 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 +#: sssd-ldap.5.xml:2008 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:2012 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:2018 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:2021 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:2026 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:2032 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1917 +#: sssd-ldap.5.xml:2035 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:2047 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1932 +#: sssd-ldap.5.xml:2050 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5804,12 +5987,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:2070 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:2073 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5818,14 +6001,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1959 +#: sssd-ldap.5.xml:2077 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2082 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5834,24 +6017,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2090 sssd-ldap.5.xml:2147 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2096 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2099 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1985 +#: sssd-ldap.5.xml:2103 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5859,19 +6042,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1992 +#: sssd-ldap.5.xml:2110 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2113 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2118 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5880,7 +6063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2007 +#: sssd-ldap.5.xml:2125 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5888,7 +6071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 +#: sssd-ldap.5.xml:2131 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5897,7 +6080,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2140 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5905,22 +6088,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2035 +#: sssd-ldap.5.xml:2153 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2038 +#: sssd-ldap.5.xml:2156 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 +#: sssd-ldap.5.xml:2160 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2045 +#: sssd-ldap.5.xml:2163 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5930,14 +6113,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5950,12 +6133,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2079 +#: sssd-ldap.5.xml:2197 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2201 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5965,7 +6148,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2211 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5975,63 +6158,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2219 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2223 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2228 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2233 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2119 +#: sssd-ldap.5.xml:2237 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2123 +#: sssd-ldap.5.xml:2241 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2246 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2249 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2138 +#: sssd-ldap.5.xml:2256 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2141 +#: sssd-ldap.5.xml:2259 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6040,74 +6223,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2267 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2152 +#: sssd-ldap.5.xml:2270 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2276 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2161 +#: sssd-ldap.5.xml:2279 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2166 +#: sssd-ldap.5.xml:2284 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2170 +#: sssd-ldap.5.xml:2288 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2293 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2303 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2311 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2314 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2200 +#: sssd-ldap.5.xml:2318 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6118,7 +6301,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2329 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6126,24 +6309,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2341 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2226 +#: sssd-ldap.5.xml:2344 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2348 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2352 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6158,12 +6341,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2362 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2246 +#: sssd-ldap.5.xml:2364 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6171,208 +6354,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2375 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2378 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2381 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2387 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2272 +#: sssd-ldap.5.xml:2390 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2400 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2403 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2289 +#: sssd-ldap.5.xml:2407 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2413 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2298 +#: sssd-ldap.5.xml:2416 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2303 +#: sssd-ldap.5.xml:2421 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2427 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2312 +#: sssd-ldap.5.xml:2430 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2434 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2440 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2443 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2447 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2453 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2338 +#: sssd-ldap.5.xml:2456 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2460 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2348 +#: sssd-ldap.5.xml:2466 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2351 +#: sssd-ldap.5.xml:2469 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2473 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2479 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2364 +#: sssd-ldap.5.xml:2482 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2486 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2492 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2377 +#: sssd-ldap.5.xml:2495 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2500 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2388 +#: sssd-ldap.5.xml:2506 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2391 +#: sssd-ldap.5.xml:2509 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2513 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2519 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2404 +#: sssd-ldap.5.xml:2522 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2527 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2532 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2420 +#: sssd-ldap.5.xml:2538 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:2541 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6380,101 +6563,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2429 +#: sssd-ldap.5.xml:2547 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2439 +#: sssd-ldap.5.xml:2557 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2442 +#: sssd-ldap.5.xml:2560 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2453 +#: sssd-ldap.5.xml:2571 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2456 +#: sssd-ldap.5.xml:2574 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2579 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 -#: sssd-ldap.5.xml:2525 +#: sssd-ldap.5.xml:2584 sssd-ldap.5.xml:2607 sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2643 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 +#: sssd-ldap.5.xml:2589 sssd-ldap.5.xml:2612 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2595 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2598 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2485 +#: sssd-ldap.5.xml:2603 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2500 +#: sssd-ldap.5.xml:2618 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2621 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2518 +#: sssd-ldap.5.xml:2636 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2521 +#: sssd-ldap.5.xml:2639 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2537 +#: sssd-ldap.5.xml:2655 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6483,111 +6666,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2665 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2667 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2673 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2676 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2561 +#: sssd-ldap.5.xml:2679 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2686 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2689 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2574 +#: sssd-ldap.5.xml:2692 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2703 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2706 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2596 +#: sssd-ldap.5.xml:2714 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2599 +#: sssd-ldap.5.xml:2717 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2604 +#: sssd-ldap.5.xml:2722 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2612 +#: sssd-ldap.5.xml:2730 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 +#: sssd-ldap.5.xml:2733 sssd-ldap.5.xml:2748 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2619 +#: sssd-ldap.5.xml:2737 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2627 +#: sssd-ldap.5.xml:2745 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2752 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2553 +#: sssd-ldap.5.xml:2671 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6596,32 +6779,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2645 +#: sssd-ldap.5.xml:2763 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2652 +#: sssd-ldap.5.xml:2770 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2657 +#: sssd-ldap.5.xml:2775 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2662 +#: sssd-ldap.5.xml:2780 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2667 +#: sssd-ldap.5.xml:2785 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2669 +#: sssd-ldap.5.xml:2787 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6630,22 +6813,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2794 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2796 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2683 +#: sssd-ldap.5.xml:2801 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2765 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6654,14 +6837,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 -#: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2816 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 +#: sssd-ad.5.xml:1038 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2818 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6669,7 +6852,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2824 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6682,27 +6865,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2823 sssd-ldap.5.xml:2841 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:744 sssd-ad.5.xml:1046 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2835 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2719 +#: sssd-ldap.5.xml:2837 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2724 +#: sssd-ldap.5.xml:2842 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6718,13 +6901,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2857 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1061 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2859 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7130,7 +7313,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:82 sssd-ad.5.xml:113 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -7980,7 +8163,7 @@ msgstr "" #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " -"of the SAN as as dotted-decimal string." +"of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -8071,30 +8254,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" +"If <quote>auth_provider=ipa</quote> or <quote>access_provider=ipa</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ipa</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:73 +msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:94 +#: sssd-ipa.5.xml:100 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:97 +#: sssd-ipa.5.xml:103 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -8104,12 +8295,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " @@ -8117,12 +8308,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:863 msgid "dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:125 +#: sssd-ipa.5.xml:131 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " @@ -8132,14 +8323,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:877 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:139 +#: sssd-ipa.5.xml:145 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" @@ -8147,12 +8338,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:888 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:891 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8160,7 +8351,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" @@ -8168,17 +8359,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:165 +#: sssd-ipa.5.xml:171 msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:902 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:905 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8187,7 +8378,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 +#: sssd-ipa.5.xml:187 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -8195,24 +8386,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:187 +#: sssd-ipa.5.xml:193 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:916 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:967 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:970 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8220,22 +8411,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:976 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:212 +#: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:210 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 +#: sssd-ipa.5.xml:225 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -8247,12 +8438,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:922 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -8260,228 +8451,215 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:940 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:943 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:262 +#: sssd-ipa.5.xml:268 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:268 +#: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:954 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:957 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:961 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:982 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:985 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:990 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:995 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1000 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:317 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:320 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 +#: sssd-ipa.5.xml:324 sssd-ipa.5.xml:337 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:324 +#: sssd-ipa.5.xml:330 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:337 +#: sssd-ipa.5.xml:343 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:340 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 -#: sssd-ipa.5.xml:420 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +#: sssd-ipa.5.xml:346 +msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:352 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:375 +#: sssd-ipa.5.xml:371 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 +#: sssd-ipa.5.xml:374 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 +#: sssd-ipa.5.xml:383 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:394 +#: sssd-ipa.5.xml:390 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:397 +#: sssd-ipa.5.xml:393 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:402 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:413 +#: sssd-ipa.5.xml:409 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:416 +#: sssd-ipa.5.xml:412 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:425 +#: sssd-ipa.5.xml:421 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:435 +#: sssd-ipa.5.xml:431 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:439 +#: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1009 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1012 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1016 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1020 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:465 +#: sssd-ipa.5.xml:461 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:464 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -8489,34 +8667,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:428 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:477 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:480 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:489 +#: sssd-ipa.5.xml:485 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:495 +#: sssd-ipa.5.xml:491 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:494 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -8524,12 +8702,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:511 +#: sssd-ipa.5.xml:507 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:514 +#: sssd-ipa.5.xml:510 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -8537,192 +8715,214 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:523 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:526 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:531 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "" +"NOTE: There are currently some assumptions that must be met when SSSD is " +"running on an IPA server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:541 +msgid "" +"The <quote>ipa_server</quote> option must be configured to point to the IPA " +"server itself. This is already the default set by the IPA installer, so no " +"manual change is required." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ipa.5.xml:550 +msgid "" +"The <quote>full_name_format</quote> option must not be tweaked to only print " +"short names for users from trusted domains." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:565 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:568 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:571 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:579 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:588 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:591 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 +#: sssd-ipa.5.xml:594 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:600 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:603 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:613 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:616 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:619 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:625 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:628 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:632 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:638 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:641 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:646 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:649 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:652 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:655 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:658 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:661 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:664 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:667 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:672 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:678 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:681 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:686 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:689 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:692 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:697 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:581 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -8732,19 +8932,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:709 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:692 +#: sssd-ipa.5.xml:711 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:696 +#: sssd-ipa.5.xml:715 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -8752,7 +8952,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:702 +#: sssd-ipa.5.xml:721 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -8764,7 +8964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:738 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8772,7 +8972,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:726 +#: sssd-ipa.5.xml:745 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8808,7 +9008,7 @@ msgid "" "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " -"superceded by Kerberos usage." +"superseded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -8856,8 +9056,16 @@ msgid "" "side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:79 +msgid "" +"If <quote>auth_provider=ad</quote> or <quote>access_provider=ad</quote> is " +"configured in sssd.conf then the id_provider must also be set to <quote>ad</" +"quote>." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:85 +#: sssd-ad.5.xml:91 #, no-wrap msgid "" "ldap_id_mapping = False\n" @@ -8865,20 +9073,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:79 +#: sssd-ad.5.xml:85 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " -"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " -"and groups using POSIX attributes from trusted domains, the AD administrator " -"must make sure that the POSIX attributes are replicated to the Global " -"Catalog." +"<placeholder type=\"programlisting\" id=\"0\"/> If POSIX attributes should " +"be used, it is recommended for performance reasons that the attributes are " +"also replicated to the Global Catalog. If POSIX attributes are replicated, " +"SSSD will attempt to locate the domain of a requested numerical ID with the " +"help of the Global Catalog and only search that domain. In contrast, if " +"POSIX attributes are not replicated to the Global Catalog, SSSD must search " +"all the domains in the forest sequentially. Please note that the " +"<quote>cache_first</quote> option might be also helpful in speeding up " +"domainless searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:105 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " @@ -8886,38 +9099,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:107 +#: sssd-ad.5.xml:120 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:110 +#: sssd-ad.5.xml:123 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:115 +#: sssd-ad.5.xml:128 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:120 +#: sssd-ad.5.xml:133 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:127 +#: sssd-ad.5.xml:140 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:130 +#: sssd-ad.5.xml:143 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " @@ -8925,7 +9138,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:140 +#: sssd-ad.5.xml:153 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" @@ -8933,7 +9146,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:136 +#: sssd-ad.5.xml:149 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " @@ -8941,19 +9154,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:144 +#: sssd-ad.5.xml:157 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:154 +#: sssd-ad.5.xml:167 msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:157 +#: sssd-ad.5.xml:170 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " @@ -8961,26 +9174,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:164 +#: sssd-ad.5.xml:177 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:169 +#: sssd-ad.5.xml:182 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:177 +#: sssd-ad.5.xml:190 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:180 +#: sssd-ad.5.xml:193 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -8988,19 +9201,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:186 +#: sssd-ad.5.xml:199 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:194 +#: sssd-ad.5.xml:207 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:201 +#: sssd-ad.5.xml:214 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9011,12 +9224,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:230 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:220 +#: sssd-ad.5.xml:233 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9025,7 +9238,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:228 +#: sssd-ad.5.xml:241 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9034,7 +9247,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:249 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9043,14 +9256,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:257 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:249 +#: sssd-ad.5.xml:262 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9063,7 +9276,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:262 +#: sssd-ad.5.xml:275 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9072,7 +9285,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:273 +#: sssd-ad.5.xml:286 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9090,24 +9303,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:292 +#: sssd-ad.5.xml:305 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:295 +#: sssd-ad.5.xml:308 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:306 +#: sssd-ad.5.xml:319 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:309 +#: sssd-ad.5.xml:322 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9116,7 +9329,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:317 +#: sssd-ad.5.xml:330 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9125,12 +9338,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:331 +#: sssd-ad.5.xml:344 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:334 +#: sssd-ad.5.xml:347 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9140,14 +9353,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:343 +#: sssd-ad.5.xml:356 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:349 +#: sssd-ad.5.xml:362 +msgid "" +"NOTE: The current version of SSSD does not support host (computer) entries " +"in the GPO 'Security Filtering' list. Only user and group entries are " +"supported. Host entries in the list have no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:369 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9160,23 +9381,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:362 +#: sssd-ad.5.xml:382 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:386 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:392 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:378 +#: sssd-ad.5.xml:398 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9184,22 +9405,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:389 +#: sssd-ad.5.xml:409 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:412 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:398 +#: sssd-ad.5.xml:418 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:421 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9207,12 +9428,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:414 +#: sssd-ad.5.xml:434 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:437 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9220,14 +9441,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:423 +#: sssd-ad.5.xml:443 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:457 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9235,7 +9456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:428 +#: sssd-ad.5.xml:448 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9247,78 +9468,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:461 sssd-ad.5.xml:557 sssd-ad.5.xml:603 sssd-ad.5.xml:648 +#: sssd-ad.5.xml:714 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:465 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:470 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:455 +#: sssd-ad.5.xml:475 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:480 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:485 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:470 +#: sssd-ad.5.xml:490 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:495 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:480 +#: sssd-ad.5.xml:500 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:485 +#: sssd-ad.5.xml:505 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:510 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:515 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:500 +#: sssd-ad.5.xml:520 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:509 +#: sssd-ad.5.xml:529 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:532 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9326,7 +9547,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:538 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9334,7 +9555,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:533 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9342,7 +9563,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:544 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9354,22 +9575,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:561 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:546 +#: sssd-ad.5.xml:566 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:555 +#: sssd-ad.5.xml:575 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:558 +#: sssd-ad.5.xml:578 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9377,7 +9598,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:584 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9385,7 +9606,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:599 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9393,7 +9614,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:590 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9405,22 +9626,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:607 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:592 +#: sssd-ad.5.xml:612 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:601 +#: sssd-ad.5.xml:621 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:624 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9428,14 +9649,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:630 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:644 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9443,7 +9664,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:635 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9455,17 +9676,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:632 +#: sssd-ad.5.xml:652 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:641 +#: sssd-ad.5.xml:661 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:664 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9473,14 +9694,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:650 +#: sssd-ad.5.xml:670 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:683 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9488,7 +9709,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:655 sssd-ad.5.xml:730 +#: sssd-ad.5.xml:675 sssd-ad.5.xml:750 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9499,19 +9720,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:693 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:676 +#: sssd-ad.5.xml:696 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:690 +#: sssd-ad.5.xml:710 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9519,7 +9740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:681 +#: sssd-ad.5.xml:701 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9531,39 +9752,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:698 +#: sssd-ad.5.xml:718 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:703 +#: sssd-ad.5.xml:723 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:728 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:733 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:722 +#: sssd-ad.5.xml:742 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:725 +#: sssd-ad.5.xml:745 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:758 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9571,12 +9792,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:768 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:751 +#: sssd-ad.5.xml:771 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9589,57 +9810,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:764 +#: sssd-ad.5.xml:784 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:768 +#: sssd-ad.5.xml:788 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:793 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:798 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:803 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:788 +#: sssd-ad.5.xml:808 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:813 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:798 +#: sssd-ad.5.xml:818 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:804 +#: sssd-ad.5.xml:824 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:810 +#: sssd-ad.5.xml:830 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:833 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9647,17 +9868,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:819 +#: sssd-ad.5.xml:839 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:825 +#: sssd-ad.5.xml:845 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:848 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9667,12 +9888,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:837 +#: sssd-ad.5.xml:857 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:866 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9683,19 +9904,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:876 +#: sssd-ad.5.xml:896 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:892 +#: sssd-ad.5.xml:912 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:905 +#: sssd-ad.5.xml:925 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9705,12 +9926,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:948 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1020 +#: sssd-ad.5.xml:1040 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9718,7 +9939,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1027 +#: sssd-ad.5.xml:1047 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9733,7 +9954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1047 +#: sssd-ad.5.xml:1067 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9742,7 +9963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1063 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9750,7 +9971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1053 +#: sssd-ad.5.xml:1073 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9760,7 +9981,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1061 +#: sssd-ad.5.xml:1081 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10070,33 +10291,79 @@ msgid "" "files for every SSSD service and domain." msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:94 +msgid "" +"This option is deprecated. It is replaced by <option>--logger=files</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:101 +#, fuzzy +#| msgid "" +#| "<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" +#| "replaceable>" +msgid "<option>--logger=</option><replaceable>value</replaceable>" +msgstr "" +"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:105 +msgid "" +"Location where SSSD will send log messages. This option overrides the value " +"of the deprecated option <option>--debug-to-files</option>. The deprecated " +"option will still work if the <option>--logger</option> is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:112 +msgid "" +"<emphasis>stderr</emphasis>: Redirect debug messages to standard error " +"output." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:116 +msgid "" +"<emphasis>files</emphasis>: Redirect debug messages to the log files. By " +"default, the log files are stored in <filename>/var/log/sssd</filename> and " +"there are separate log files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:122 +msgid "" +"<emphasis>journald</emphasis>: Redirect debug messages to systemd-journald" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 +#: sssd.8.xml:132 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 +#: sssd.8.xml:136 msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 sss_seed.8.xml:136 +#: sssd.8.xml:142 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 +#: sssd.8.xml:146 msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:152 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:156 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -10105,39 +10372,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 +#: sssd.8.xml:170 msgid "<option>--version</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 +#: sssd.8.xml:174 msgid "Print version number and exit." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 +#: sssd.8.xml:182 msgid "Signals" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 +#: sssd.8.xml:185 msgid "SIGTERM/SIGINT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 +#: sssd.8.xml:188 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 +#: sssd.8.xml:194 msgid "SIGHUP" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 +#: sssd.8.xml:197 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " @@ -10145,12 +10412,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 +#: sssd.8.xml:205 msgid "SIGUSR1" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 +#: sssd.8.xml:208 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " @@ -10159,12 +10426,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:182 +#: sssd.8.xml:217 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:185 +#: sssd.8.xml:220 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " @@ -10172,7 +10439,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:197 +#: sssd.8.xml:232 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -12530,7 +12797,7 @@ msgid "" "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " -"via a Unix Socket. This will make it possible to use local calls and have " +"via a UNIX Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr ""